Also  inside:  A  Call  for  Mobile  Innovation  40 
Down  Economy  Spurs  Demand  for  Business-Savvy  IT  Pros  6 

COMPUTERWORLD 


Peer  Perspective.  IT  Leadership. 
Business  Results. 

COMPUTERWORLD.COM 
MAY  6,  2013 


rfjjjtmiiWH'-® 


r 


Open-source 
software  throws 
a  wrench  into 
traditional  evaluation 
processes.  Here's 
what  to  look  for. 


pv  * 

p 

*  -t  i 

_  i  / 


"""""a  u  ,  *  ’ 


Copyright  t  2013  VMware.  Inc 


VMware  virtualization 
has  saved  businesses 
billions  of  dollars. 

Here’s  how  we’re 
going  to  save  them 
billions  more. 


The 

Softwa  re- Defined 
Data  Center. 


VMware  pioneered  cloud  computing  by 
virtualizing  servers.  Now,  we  can  virtualize 
entire  data  centers.  So  servers,  storage, 
networking  and  security  can  deliver  even 
greater  levels  of  automation,  efficiency  and 
agility.  VMware  vCloud®  Suite  5.1  delivers 
the  Software-Defined  Data  Center,  now.  It’s 
the  data  center  for  the  new  cloud  era. 

vmwa  re* 

Visit  vmware.com/sddc 


COMPUTERWORLD 

P.O.  Box  9171 
492  Old  Connecticut  Path 
Framingham,  MA  01701-9171 
(508)  879-0700 

Computerworld.com 

>  EDITORIAL 

Editor  in  Chief 

Scot  Finnie 

Executive  Editor 

Julia  King  (events) 

Managing  Editors 

Johanna  Ambrosio  (technologies). 
Ellen  Fanning  (features), 

Sharon  Machlis  (online), 

Ken  Mingis  (news), 

Bob  Rawson  (production) 

Assistant  Managing  Editor 

Valerie  Potter  (features) 

Director  of  Blogs 

Joyce  Carpenter 

Art  Director 

April  Montgomery 

Senior  Reviews  Editor 

Barbara  Krasnoff 

Features  Editor 

Tracy  Mayor 

News  Editors 

Mike  Bucken,  Marian  Prokop 

National  Correspondents 

Julia  King,  Robert  L.  Mitchell 

Reporters 

Sharon  Gaudin,  Matt  Hamblen, 
Gregg  Keizer.  Lucas  Mearian, 

Patrick  Thibodeau, 

Jaikumar  vijayan 

Copy  Editor 

Carla  Dempsey 

Editorial  Project  Manager 

Mari  Keefe 

Associate  Online  Editor 

Rebecca  Linke 

Office  Manager 

Linda  Gorgone 

Contributing  Editors 

Jamie  Eckle,  Preston  Gralla, 

JR  Raphael 

ft  CONTACTS 

Phone  numbers,  email  a  tresses 
and  reporters'  t  Its  are  available 
online  at  CQmputerworicl.com 
(see  Contacts  link  at  the  bottom 
of  the  home  page). 

Letters  to  the  Editor 

Send  to  lettersigicomputerworld. 
com.  Include  an  address  and  phone 
number  for  immediate  verification. 
Letters  will  be  edited  for  brevity 
and  clarity. 

News  tips 

newstips@computerworld.com 

Subscriptions  and  back  issues 

(888)  559-7327.  cw@omedaxom 

Reprints/permissions 

The  YGS  Group.  (800)  290-5460, 
ext.  100.  computei  worldta) 
theygsgroup.com 


THIS  ISSUE  |  05.06.2013  [  VOL.  47,  NO.  8  $5/C0PY  ] 

r _ -i 


QDfiTI  iniiT  flDPM  CnilDfC 


COVER  STORY 


Sizing  Up  Open  Source 

16  What  you  need  to  keep  in  mind  when  evaluating  open-source  software, 
from  the  culture  of  the  open-source  community  to  what  you’ll  be  expected  to  contribute. 


Free  (With  Strings  Attached) 

24  Open-source  software  is  free,  flexible  and  adaptable,  but  lax  oversight 
can  obliterate  the  benefits.  Read  about  how  IT  is  keeping  track. 


Spring  Training  for  Bl  Experts 

28  How  do  you  make  it  to  the  data  scientist  big  leagues?  There’s  no 
one  right  path.  Instead,  it’s  largely  a  scramble  out  there  on  the  big  data  field. 


HEADS  UP  |  2  Harvard  envisions  an  era  of 
low-cost  solar  power.  |  Google  bets  big  on 

new  tech.  I  4  Domestic  IT  service  providers 
applaud  the  immigration  bill’s  checks  on  Hl-B 
use.  |  Florida  bans  drones  without  a  warrant. 

NEWS  ANALYSIS  I  6  Companies  ask  business- 
savvy  IT  pros  to  help  them  make  money.  I 
8  Breaches  are  harder  to  detect  because  clever 
hackers  are  outwitting  security  tools. 


OPINIONS  |  14  Thornton  May  advises  taking 
an  “ensemble”  approach  to  data  science.  I 
34  Preston  Gralla  wonders  if  Microsoft  will 
once  more  be  bested  in  a  market  it  pioneered,  i 
40  Scot  Finnie  calls  for  mobile  innovation. 

DEPARTMENTS  I  10  The  Grill:  Healthcare 

CIO  James  Turnbull  I  32  Security  Manager's 
Journal:  Even  best-laid  plans  are  made  to  be 
revised.  I  36  Career  Watch  I  39  Shark  Tank 


llllllllllllllll  FOR  BREAKING  NEWS,  VISITCOMPUTERWORLD.COM  1111111111111111 


ILLUSTRATIONS  BY  VIKTOR  KOEN  /  PHOTO  BY  GETTY  IMAGES 


Fresh 

Insights 

New 

Trends 

Great 

Ideas 


IT  INDUSTRY 


Google  CEO 
Backs  Non-core 
Products  Plan 


SOLAR  POWER 


Harvard  Pushes  for  Cheaper  Solar  Panels 


IN  A  MOVE  that  it  hopes  will  help  usher  in 
an  age  of  low-cost  solar  power,  Harvard 
University’s  Clean  Energy  Project  (CEP) 
in  June  plans  to  release  a  list  of  20,000 
organic  compounds  that  could  be  used  to  make 
cheap,  printable  photovoltaic  cells  (PVC). 

The  list,  which  the  CEP  will  make  available 
to  solar  power  developers,  could  lead  to  the 
development  of  very  low-cost  PVCs.  Using  the 
compounds,  a  PVC  that  covers  1  square  meter 
would  cost  about  the  same  as  the  paint  needed 
to  cover  the  same  area,  according  to  Harvard. 

The  CEP’s  data  “will  ultimately  benefit 
mankind  with  cleaner  energy  solutions,”  said 
Alan  Aspuru-Guzik,  a  Harvard  associate  pro¬ 
fessor  of  chemistry  and  chemical  biology. 

Today,  the  most  popular  PVCs  are  made  of 
silicon  and  cost  about  $5  per  wafer  to  produce. 
For  a  solar  energy  technology  to  be  competi¬ 


tive,  each  wafer  would  need  to  cost  about  50 
cents,  according  to  Aspuru-Guzik. 

The  compounds  on  the  CEP’s  list  could  also 
improve  the  solar  conversion  rates  of  PVCs.  Cur¬ 
rently,  the  top  solar  conversion  rate  of  silicon 
PVCs  is  about  12%,  meaning  that  only  12%  of 
the  light  that  hits  them  is  converted  to  energy. 

The  CEP  uses  IBM’s  World  Community 
Grid  —  which  relies  on  the  spare  processing 
power  of  around  6,000  computers  all  over  the 

world  —  in  its  search  for  the  best  _ 

molecules  for  organic  photovolta- 
ics,  as  well  as  the  best  ways  to 
assemble  the  molecules  to  build 
inexpensive  solar  cells. 

Harvard  has  built  data  storage  systems 
with  a  capacity  of  about  400TB  to  capture  the 
results  of  the  computations. 

-  Lucas  Mearian 


COMPUTERWORLD.COM 


Google’s  core  offering  may  be 
search,  but  the  company  is  just 
as  serious  about  providing  in-the- 
moment  information  to  users  with 
emerging  technologies  such  as 
Google  Now,  self-driving  cars  and 
Google  Glass,  CEO  Larry  Page  said 
during  the  company’s  recent  earn¬ 
ings  call  with  analysts. 

Those  products,  along  with  voice- 
based  search  and  others,  may  be 
risky  “big  bets,”  but  Google  doesn't 
want  to  be  focused  only  on  “incre¬ 
mental  technologies,"  Page  said. 

“That  is  why  we’re  investing  in 
what  appear  to  be  speculative  proj¬ 
ects,"  he  added.  “[Most  companies) 
never  do  anything  different,  and  they 
run  into  problems  for  that  reason.” 

During  the  conference  call,  finan¬ 
cial  analysts  asked  how  Google  will 
monetize  new  products  such  as 
Google  Now,  which  functions  as  a 
kind  of  personal  digital  assistant  to 
automatically  give  users  informa¬ 
tion  as  they  go  about  their  day. 

“I’m  not  worried  about  that,”  Page 
said.  “The  better  the  job  we  can  do 
in  providing  users  with  informa¬ 
tion  without  their  asking  for  it,  the 
better  we  can  provide  commercial 
information  from  people  who  are 
excited  about  pro¬ 
moting  it.’ 

For  the  latest 
quarter,  Google's 

sales  rose  by  31%  to  about  $14  bil- ' 
lion,  driven  partly  by  strong  gains  in 
advertising  revenue. 

-  ZACH  MINERS, 
IDG  NEWS  SERVICE 


2  COMPUTERWORLO  MAY  6.  2013 


The  ideal  database  system 
would  run  lightning-fast 
transactions  and 
real-time  analytics.  A 


CACHE 


InterSystems  f 


Download  or  request  a  free,  fully  functional,  non-expiring  trial  version  at  InterSystems.com/Ideal4A 


©  2013  InterSystems  Corporation,  Cambridge,  MA.  All  rights  reserved.  InterSystems  Cache  is  a  registered  trademark  of  InterSystems  Corporation.  5-6-13  CacheIdeai4CoWo 


HEADS  UP 


Micro 

Burst 


BETWEEN  THE  LINES 

By  John  Klossner 


wvw.jklossnep.com 


Driverless  Car 


COlNClPENTAUX 
THAT ‘5  ALSO  How 
WE  REFER  +o 

0UR  Rip  plans. 


IMMIGRATION  BILL 

Tech  Execs  Say  H-lB  Checks  May  Help 


Against  a  backdrop  of  cornfields 
and  farmhouses,  this  message 
appears  on  the  home  page  of  IT 
support  services  provider  Caleris: 
“Outsource  to  Iowa.  Not  India.” 

The  point  couldn’t  be  clearer.  The  company 
is  competing  from  rural  Iowa  against  offshore 
IT  services  providers  in  India  and  other  locales. 

Caleris  co-founders  Sheldon  Ohringer  and 
Rick  Grewell,  both  native  Iowans,  believe  the 
U.S.  Senate’s  long-awaited  comprehensive  im¬ 
migration  bill  could  benefit  their  business. 

The  bill,  written  by  the  so-called  Gang 
of  Eight  Democratic  and  Republican  sena¬ 
tors,  seeks  restrictions  on  the  use  of  workers 
holding  H-iB  and  L-i  visas  and  would  likely  in¬ 
crease  costs  for  offshore  IT  service  providers. 

Ohringer  said  he  isn’t  well  versed  in  the 
specifics  of  the  legislation,  but  he  understands 
its  intent.  “If  the  costs  go  up  to  do  it  in  India  or 
offshore,  that  is  a  positive  for  us,”  he  said. 

The  bill  could  create  challenges  for  offshore 
outsourcers  by  eventually  limiting  H-iB  and 


L-i  workers  to  50%  of  an  employer’s  workforce 
and  by  saddling  companies  with  fees  of  as 
much  as  $10,000  for  every  visa  holder  they 
employ  beyond  that  limit.  Foreigners  holding 
temporary  visas  make  up  for  more  than  half  of 
the  U.S.-based  workforces  of  many  IT  service 
providers  that  are  headquartered  overseas. 

The  bill  also  requires  employers  to  pay 
higher  wages  to  foreign  workers  with  H-iB 
visas.  How  much  higher  isn’t  clear. 

Ohringer  said  he  hasn’t  lobbied  elected 
officials  to  crack  down  on  offshore  outsourcers 
on  behalf  of  Caleris,  which  was  founded  nine 
years  ago  with  25  workers  and  now  employs 
400  people  in  four  facilities. 

Brian  Keane,  CEO  of  IT  services  company 
Ameritas  Technologies,  agreed  that  the  Senate 
bill  would  benefit  domestic  IT  services  provid¬ 
ers.  The  bill  would  help  the  United  States 
maintain  its  technological  self-sufficiency,  said 
Keane,  former  CEO  of  a  $1  billion  IT  services 
company  that  bore  his  name. 

-  Patrick  Thibodeau 


Daily  deals  site 
LivingSocial  urged 

50  million 

users  to  reset  their 
passwords  after  hackers 
hit  the  company’s  servers. 


EMERGING  TECH 

Florida  Restricts 
Use  of  Drones 
By  Police 

In  response  to  public  concern 
that  technological  advances  could 
threaten  the  privacy  of  citizens, 
Florida  has  passed  a  law  restrict¬ 
ing  the  use  of  unmanned  aerial 
vehicles,  or  drones,  by  state  law 
enforcement  officials.  It's  the  first 
law  of  its  kind  in  the  country. 

The  Freedom  From  Unwarranted 
Surveillance  Act  requires  local 
police  to  obtain  a  warrant  based 
on  probable  cause  before  using  a 
drone  for  surveillance  purposes. 

Police  are  only  allowed  to  use 
drones  without  a  warrant  in  situ¬ 
ations  where  there’s  an  imminent 
threat  to  property  or  life,  or  if  the 
U.S.  Department  of  Homeland  Se¬ 
curity  has  declared  a  high  risk  of  a 
terrorist  attack. 

Florida  Gov.  Rick  Scott  signed  the 
bill  into  law  on  April  25.  In  a  state¬ 
ment  following  the  Florida  Senate’s 
passage  of  the  bill,  Scott  said.  "This 
law  will  ensure  that  the  rights  of 
Florida  families  are  protected  from 
the  unwarranted  use  of  drones.” 

Several  other  states,  including 
Texas,  Montana,  Missouri,  Virginia. 
Nebraska  and  Oregon,  are  consid¬ 
ering  similar  measures. 

in  February  2012,  President 
Barack  Obama  signed  a  law 
permitting  FAA  supervision  of 
unmanned  aerial  vehicles. 

-  JAIKUMAR  VIJAYAN 


4  COMPUTERWORLD  MAY  6.  2013 


i 


BlackBerry®  Balance™ 

The  best  of  both  worlds  to  keep  your  business  moving 


BlackBerry®  Balance™  gives  employees  the  freedom  and  privacy  they  want 
while  delivering  a  Work  Space  that  is  fully  encrypted,  managed  and  secured, 
so  you  can  protect  critical  corporate  data  and  apps.  It's  the  perfect  work-life 
balance,  built  into  every  BlackBerry®  10  smartphone  and  managed  through 
BlackBerry®  Enterprise  Service  10. 


Get  the  full  story  and  a  free  60-day  BlackBerry 
trial*  at  blackberry.com/business 


Keep  Moving 


Personal 


Work 


Bloomberg 


BlackBerry 
World  -  Work 


Cisco  WebEx 


Bloomberg 


NEWS  ANALYSIS 


Business-Savvy  IT  Pros 
Key  in  Down  Economy 

IT  workers  increasingly  need  to  have  business  acumen 
along  with  technical  skills  so  they  can  better  help  struggling 
companies  boost  the  bottom  line.  By  Fred  O’Connor 


ECONOMIC  WOES  in  recent  years  have  spurred  compa¬ 
nies  of  all  sizes  to  shake  up  data  center  hiring,  training, 
development  and  other  processes  to  better  align  IT  and 
business  operations  —  and  boost  the  bottom  line. 

Many  companies  now  look  for  IT  employees  who  can 
contribute  more  than  code,  and  they  think  business  acumen  is 
as  important  as  technical  expertise,  because  business-sawy  IT 
workers  can  help  companies  cut  costs  and  in  some  cases  even 
generate  revenue,  according  to  IT  executives. 

For  example,  BoxTone,  a  startup  provider  of  mobile  device 
management  software  and  services,  asks 
prospective  IT  employees  during  the 
interview  process  whether  they’re  inter¬ 
ested  in  learning  about  the  business,  said 
CEO  Alan  Snyder,  adding  that  those  who 
say  they  aren’t  interested  don’t  get  hired. 

“You  must  understand  the  business  to 
drive  it  forward,”  Snyder  said.  “I  want 
somebody  that  acts  and  functions  as  an 
owner  and  has  a  stake  in  the  business 
and  our  customers.” 


Snyder  noted  that  the  best  new  product 
ideas  at  a  company  like  BoxTone  often 
come  from  internal  IT  workers. 

Amsterdam-based  electronics  giant 
Philips  is  in  the  midst  of  an  effort  to 
better  align  IT  and  business  as  part  of  a 
larger  plan  to  streamline  the  steps  needed 
to  bring  products  and  services  to  market. 

The  companywide  effort  requires  IT 
workers  who  can  offer  insight  into  tools 
beyond  traditional  enterprise  software, 
said  deputy  CIO  Joe  Norton. 

“We’re  all  buying  from  Oracle,  from 
SAP,  from  Microsoft,”  he  said.  “What’s 
the  competitive  advantage?  There  is 
none.  The  competitive  advantage  is  all 
about  information  acquisition.” 

Obtaining  and  using  that  informa¬ 
tion  to  develop  the  right  products  when 
markets  need  them  is  the  future  of 
Philips  and  its  IT  unit,  Norton  said. 

“They’re  going  to  be  business  tech¬ 
nologists  who  review  how  we  go  to  the 
marketplace,”  Norton  said. 

Philips,  which  has  IT  operations  in 
more  than  600  locations  in  60  countries, 
has  taken  steps  to  help  its  IT  staff  adjust. 

For  instance,  Norton  said,  the  company 
has  started  using  webcasts,  workshops, 
newsletters  and  panel  discussions  to 
explain  its  corporate  focus  and  how  de¬ 
partments  are  interconnected.  In  addition, 
Philips  is  now  training  all  workers  in  how 
the  Agile  software  development  process, 
which  includes  user  input  from  start  to 
finish,  will  be  used  at  the  company. 

Chesterfield,  Mo.-based  healthcare 
provider  Mercy,  whose  32  hospitals  treat 
more  than  3  million  patients  annually,  completed  a  search  for  a 
business-sawy  CIO  when  it  hired  Gil  Hoffman  in  October. 

Hoffman’s  responsibilities  will  include  helping  to  develop 
IT  services  to  sell  to  other  healthcare  companies.  “When  they 
recruited  me,  there  was  a  real  interest  in  trying  to  get  more  busi¬ 
ness  knowledge,  instead  of  just  technology  knowledge,  into  the 
IT  organization,”  he  said. 

Mercy’s  IT  shop  is  still  an  internal  service  organization,  but 
now  it’s  more  proactive  and  looks  for  ways  to  use  technology  to 
remove  work  obstacles.  “We’re  much  less  focused  on  the  technol¬ 
ogy  and  more  focused  on  what  kinds 
of  problems  we  are  trying  to  solve,” 
said  Hoffman. 

Now  that  tech  staffers  are  aware 
of  what  other  departments  expect 
from  technology,  Hoffman  said,  IT 
can  play  a  constructive  role  in  the 
technology  purchase  process  and 
possibly  help  them  save  money.  ♦ 
O’Connor  is  a  reporter  for  the 
IDG  News  Service 


We’re  much  less 
focused  on  the 

technology  and  more  focused 
on  what  kinds  of  problems  we 
are  trying  to  solve.” 


6  COMPUTERWORLD  MAY  6.  2013 


CIO.  MERCY 


TMINlCSrOCB 


PRICE  CONTROL 


r 


Server  Configuration 


Linux 


Standard 

Business 


4/  COMPLETE  COST  CONTROL 

■  NEW:  No  setup  fee! 

■  NEW:  No  base  price! 

■  NEW:  No  minimum  contract  period! 

■  Full  transparency 

with  accurate  hourly  billing 

■  Parallels8  Plesk  Panel  11  included, 

with  unlimited  domains 


✓  FULL  ROOT  ACCESS 

■  The  complete  functionality  of  a  root 
server  with  dedicated  resources 


PER  HOUR* 


✓ 


MAXIMUM  FLEXIBILITY 

■  Configure  the  Processor  Cores,  RAM 
and  Hard  Disk  Space 

■  Add  up  to  99  virtual  machines 


FAIL-SAFE  SECURITY 


■  Redundant  storage  and  mirrored 
processing  units  reliably  protect 
your  server 


■  •  ■ 


j 


1 1  Parallels 

Plesk  Panel 


OPTERON 

PROCESSOR 


A'MDZl 


MEMBER  OF 


united 

internet 


DOMAINS  |  E-MAIL  j  WEB  HOSTING  |  eCOMMERCE  |  SERVERS 
Call  1  (877)  461-2631  or  buy  online 


1and1.com 

:  a.-.v  ,.  ■/*: 

•  .•  .  '  *  s  :  '.."••••  r 

'  .  •  ••  ■  .  £■  •-  »>  >• 

.  1  iii  t  •  :■!  '■  ■>.  . 


Other  terms  and  renditions  may  apply.  Visit  www.1and1.com  (or  full  promotional  offer  details.  Customer  is  billed  monthly  for  minimum. configuration  (SO Ml  hcrtir;  720  hours*-  J. ' ' 


$4  3.20/  month  minimum).  Program  and  pricing  specifications  and  availability  subject  to  change  without  notice.  1&I  and  the  1&1  logo  ate  trademarks  of 

t.  .1.  m  .rL,  .,a  tUn  >vrn»nr4ii  >,(  tfioir  rnrrtnHiuu  numnre  "701*4  1  tf.1  Intro  mil  All  rinhtc  rrnnrwnri  .*  i*.*  ti-'&.d&s  & '  ■  1  " 


trademarks  are  the  property  of  their  respective  owners.  <£)  2013  1&1  Internet.  All  rights  reserved 


!yV  k 

'  V,  fjgi  _ 


NEWS  ANALYSIS 


FRESH  FOODS 


Security  Tools  Can’t 
Keep  Hackers  at  Bay 

Analysts  say  hidden  breaches  like  one  that  exposed  credit 
card  data  of  Schnucks  supermarket  customers  for  four 
months  could  become  commonplace.  By  JaikumarVijayan 


FOR  A  FEW  MONTHS  earlier  this  year,  the  personal  data  of 
customers  of  the  Schnucks  supermarket  chain  was  exposed 
to  hackers  whose  work  went  undetected  until  after  a  card 
processing  company  issued  an  alert  about  fraudulent 
activity  on  a  handful  of  credit  and  debit  cards  used  at  the  stores. 

Even  after  the  alert  was  issued,  it  took  a  while  to  determine 
the  cause  and  close  the  breach.  In  an  initial  probe,  Schnucks 
quickly  ruled  out  insider  theft  or  faulty  point-of-sale  machines 
as  causes.  The  St.  Louis-based  retailer  then  hired  Mandiant,  a 
cybersecurity  firm,  to  pursue  the  investigation,  but  even  Mandi- 
ant’s  specialists  needed  about  two  weeks  to  find  and  plug  the 
breach,  and  then  secure  the  company’s  systems. 

Analysts  say  such  delays  in  finding  and  closing  breaches  could 
grow  more  common  because  hackers  are  getting  more  sophis¬ 
ticated  and  the  security  tools  needed  to  keep  them  at  bay  are 
mostly  still  in  development. 


The  difficulties  encountered  by  the 
Schnucks  security  team  and  the  security 
experts  from  Mandiant  show  how  good 
online  attackers  are  getting  at  concealing 
their  tracks,  said  Avivah  Litan,  an  analyst 
at  Gartner.  “You’d  think  they  would  have 
figured  out  what  to  shut  off  or  at  least 
how  to  control  traffic”  to  stop  data  leaks, 
she  added. 

Increasingly,  attackers  are  resorting  to 
techniques  like  hiding  stolen  data  inside 
legitimate  files  and  encrypting  data  to 
evade  detection,  she  said.  “They  cloak 
their  malware  or  hide  it  within  seemingly 
innocuous  files  so  that  it’s  very  difficult  to 
detect,”  she  said. 

“[Today’s]  network  and  enterprise  secu¬ 
rity  tools  are  not  smart  enough  to  detect 
the  hacking  when  it  occurs,”  and  they 
might  not  even  uncover  such  activity  in  a 
matter  of  hours  or  even  days,  Litan  said. 

“What’s  needed  —  and  what  some  tech 
startups  are  working  on  —  is  behavioral 
modeling,  baselining  and  profiling  of  all 
nodes  and  communication  ports  in  an 
internal  network,”  she  said,  adding  that 
such  tools  would  be  able  to  detect  abnor¬ 
mal  activity  and  communications  that 
occur  for  as  little  as  a  few  seconds  a  week. 

But  developing  such  tools  is  a  chal¬ 
lenge.  “This  is  difficult  to  pull  off  without 
a  lot  of  false  positives  and  noise  in  the 
system,”  Litan  said. 

Jim  Huguelet,  principal  of  the  Huguelet 
Group,  said  the  fact  that  it  took  so  long  to 
isolate  the  cause  of  the  Schnucks  breach 
“could  indicate  that  the  malware  was  custom-written  for  Schnucks’ 
environment  or  utilized  unique  techniques  to  hide  its  existence.” 

“The  number  of  cards  compromised  is  significant  given  the 
relatively  small  size  of  the  Schnucks  chain  and  just  proves  that 
retailers  of  all  sizes  must  be  diligent  in  their  protection  of  their 
payment  processing  systems,”  said  Huguelet,  whose  firm  advises 
companies  on  how  to  comply  with  credit  card  security  standards. 

The  Schnucks  probe  eventually  determined  that  about  2.4 
million  credit  and  debit  cards  used  by  customers  at  too  stores 
and  96  in-store  pharmacies  in  five  Midwestern  states  were 
exposed  to  hackers  between  December  2012  and  March  30. 

The  company  launched  an  internal  investigation  on  March  14, 
hired  Mandiant  five  days  later  and  publicly  disclosed  the  breach 
on  March  30. 

Officials  of  the  supermarket  chain  didn’t  respond  to  requests 
to  comment  further  on  the  breach  or  the  investigation  into  it.  ♦ 


j  "r 


<  > 


[Today’s]  network  and  enterprise  security  tools  are  not  smart  enough  to 
detect  the  hacking  when  it  occurs.” 

By-  wnT) T : 


8  COMPUTER  WORLD  MAY  6.  2013 


MIKE  K  AL  ASNIK/FLICAR 


i 


OPEN 

SOURCE 


James 

Turnbull 


This  CIO  sees  new 
opportunities  for 
patient  care  with 
mobile  solutions. 


Family:  “I’m  recently  engaged, 
and  each  of  us  has  one  son 
and  one  daughter.” 

What’s  your  favorite  tech  toy? 

A  Taylor  acoustic  guitar 

Are  you  ever  completely 
unplugged?  "Yes,  very  deliberately. 
When  I’m  running,  skiing, 
golfing  and  motorcycling." 

Next  career  step:  Retirement 

Is  there  something  interesting 
that  people  don’t  know  about  you? 

“My  last  job  before  healthcare 
I  was  working  2,200  feet 
underground  in  a  nickel  mine  in 
northern  Canada.  The  healthcare 
field  looked  better  from  down  there.” 


AS  A  HEALTHCARE  CIO,  Jim  Turnbull  promotes  the  use  of  technology  as  a  tool  to 
improve  care  and  reduce  patient  costs.  He  has  guided  IT  initiatives,  including  the 
deployment  of  electronic  medical  records  and  computerized  physician  order-entry 
systems,  at  several  healthcare  organizations.  Now  CIO  at  University  of  Utah 
Health  Care  in  Salt  Lake  City,  Turnbull  was  recently  named  the  2012  John  E.  Gall  Jr.  CIO  of 
the  Year  by  the  College  of  Healthcare  Information  Management  Executives  and  the  Health¬ 
care  Information  and  Management  Systems  Society.  Here  he  shares  his  thoughts  on  how  IT  is 
changing  healthcare  and  how  he’s  guiding  IT  transformation  at  UUHC. 


What  has  been  your  biggest  success  as  CIO  at  UUHC?  It’s  working  with  the  team  that 
was  here  when  I  arrived  and  having  them  deliver  excellent  results.  We  focused  on 
some  core  disciplines,  getting  a  good  security  plan  in  place,  implementing  the  disci¬ 
pline  of  ITIL  and  project  management,  and  really  ramping  up  our  game  on  that  side. 


10  COMPUTERWORLD  MAY  6.  2013 


RED  HAT 

SUMMIT 


CONNECTIONS 
MAKE  US  STRONGER 

Join  us  at  Red  Hat  Summit  2013 

The  world  is  more  connected  now  than  ever 
before,  and  we're  on  the  edge  of  another 
technological  revolution.  From  smart  phones 
to  the  cloud,  we  have  the  information  we  need, 
whenever  we  need  it.  In  this  transparent  world, 
the  relationships  you  have  are  more  important 
than  ever.  Join  our  ecosystem  of  partners  and 
communities  to  move  the  world  forward, 
one  innovation  at  a  time. 

Register  today  for  Red  Hat  Summit 
June  11  -  14r  2013  in  Boston,  MA 

Use  promo  code  SUMMITCW  and  save. 

redhat.com/summit 


Copyright  ©  2013  Red  Hat,  Inc.  Red  Hat,  Red  Hat  Enterprise  Linux,  the  Shadowman  logo,  and  JBoss  are 
trademarks  of  Red  Hat,  Inc.,  registered  in  the  U.S.  and  other  countries.  Linux®  is  the  registered 
trademark  of  Linus  Torvalds  in  the  U.S.  and  other  countries. 


red  hat 


THE  GRILL  I  JAMES  TURNBULL 

We  focused  on  what  we  call  strategic  management 
—  or  strategically  aligned  management  —  and  there’s 
a  big  focus  on  recruitment  and  retention,  customer 
advocacy  and  focusing  on  tracking,  measuring  and 
communicating  our  results. 

Is  it  difficult  to  inherit  a  team?  In  my  experience  — 
and  I’ve  worked  at  four  healthcare  organizations  —  the 
typical  thing  I  find  when  I  walk  in  is  there  tends  to  be  a 
high  level  of  dissatisfaction  with  IT  from  other  parts  of 
the  organization.  That’s  something  I  felt  when  I  walked 
in  here.  I  found  that,  rather  than  replacing  the  team, 
there’s  a  lot  of  talent  here  and  it  was  a  matter  of  getting 
them  aligned  and  getting  them  back  to  the  basics. 


What  was  the  biggest  technol¬ 
ogy  challenge  you’ve  faced  at 
UUHC?  We  have  a  main  campus 
and  a  health  sciences  campus. 
There’s  the  more  traditional  uni¬ 
versity  and  adjacent  to  it  is  the 
health  sciences  campus,  which 
includes  the  hospital  and  some 
of  our  research  clinics  as  well  as 
the  schools  of  medicine,  nursing, 
pharmacy  and  allied  health.  The 
infrastructure  teams  were  split 
between  the  two.  And  when  I 
got  here,  we  realized  we  had  an 
opportunity  to  bring  those  two 
teams  together,  but  the  next 
challenge  was  to  bring  the  data 
centers  together.  That  meant 
moving  seven  separate  data 
centers  on  campus  to  a  single 
data  center.  As  you  can  imagine, 
that’s  a  pretty  complex  process. 
From  beginning  to  end  it  was 
about  a  three-year  process,  and 
it  was  completed  without  any 
serious  hiccups. 


What  about  the  biggest  non¬ 
technical  challenge?  It  was 

getting  buy-in  for  the  develop¬ 
ment  and  communication  of 
a  strategic  plan  for  IT,  staying 
focused  on  that  plan  and  reaching  a  stage  where  the 
organization  had  a  great  deal  of  confidence  in  our  IT 
organization  based  on  our  delivery  of  results.  There 
was  a  fair  degree  of  skepticism  that  the  IT  team  could 
work  together  with  the  rest  of  the  organization  and 
deliver  on  the  plan.  But  now  there’s  very  little  disagree¬ 
ment  within  the  organization  that  we  did  that. 

How  do  you  recruit  and  retain  top  talent?  Our 

leadership  team  in  IT  felt  that  the  people  best  able  to 
answer  that  is  our  team.  So  we  organized  a  committee 
without  any  senior  leadership  on  it.  About  15  of  them 


The  action 
is  shifting 
quickly 
to  mobile 
health  solutions  with 
much  greater  involve¬ 
ment  of  the  patients  in 
their  healthcare. 


got  together  and  came  up  with  85  recommendations 
on  how  we  could  address  the  issue.  They  wanted  to  do 
a  community  day  of  service  event,  do  things  socially 
together,  have  broader  recognition  opportunities.  They 
gave  us  the  top  10  [to  implement  as  a  start].  It’s  the 
reason  that  one  recent  quarter  we  had  zero  turnover, 
and  for  four  quarters  our  turnover  is  under  6%.  Our 
annual  turnover  in  the  broader  organization  is  about 
15%.  You  can  feel  the  change  in  morale.  We  stayed 
with  the  first  10  they  brought  us,  and  now  we’re  biting 
off  the  next  10. 

What’s  the  top  IT  initiative  you  now  have  on  your 
plate?  We’re  trying  to  move  to  a  single-vendor  solution. 

We  laid  the  groundwork  for 
that,  but  we’re  about  14  months 
away  from  doing  a  major 
conversion  for  our  in-patient 
applications.  We’ll  turn  off  all 
our  legacy  applications  and  turn 
over  to  that.  Our  budget  is  about 
$46  million  to  do  that. 


Now  that  many  healthcare  or¬ 
ganizations  are  firmly  working 
with  technology,  what  are  the 
next  big  opportunities  to  use 
IT  to  improve  healthcare?  The 
action  is  shifting  quickly  to 
mobile  health  solutions  with 
much  greater  involvement  of 
the  patients  in  their  healthcare. 
It’s  just  an  incredibly  exciting 
opportunity,  and  all  types  of 
applications  are  being  devel¬ 
oped  that  are  smartphone-  or 
tablet-based.  I  think  most  of  us 
have  the  environments  in  place 
technologically  to  support  it, 
but  it’s  a  very  different  focus.  It’s 
really  individualizing  the  care. 
It’s  having  them  hooked  into  us. 


What  are  the  biggest  chal¬ 
lenges  to  taking  advantage  of 
those  opportunities?  Part  of  it 
is  getting  that  initial  traction 
and  having  some  great  use  cases  to  demonstrate  the 
benefits.  It’s  been  fun  to  see  the  doctors  so  engaged  and 
having  our  team  work  so  collaboratively. 

Are  patients  more  willing  to  use  technology  to  help 
manage  their  own  health?  There  are  so  many  apps  out 
there  for  healthcare  right  now  it’s  just  unbelievable. 
There’s  not  a  day  that  goes  by  that  I  don’t  bump  into  ' 
someone  using  a  smartphone  app  for  health  or  fitness. 

—  Interview  by  Computerworld  contributing  writer 
Mary  K.  Pratt  (marykpratt@verizon.net) 


12  COMPUTERWORLD  MAY  6.  2013 


■»■■  m 


smi 


mmmhhw> 


w.WMH' 


mwi  "...jmm. 


rnrSm 


We  make  your  dive 
into  Big  Data  easier. 


IMPETUS 


http://bigdata.impetus.com  •  bigdata@impetus.com 


OPINION 


Stalking  the  Elusive 
Data  Scientist 


It  is  virtually 
impossible  to 
ind  all  the 
necessary 
analytical 
skills  in  one 


human  being. 


Thornton  A.  May 

is  author  of  The  New 
Know:  Innovation 
Powered  by  Analytics 
and  executive  director 
of  the  IT  Leadership 
Academy  at  Florida 
State  College  in 
Jacksonville.  You 
can  contact  him  at 
thorntonamay@aol.com 
or  follow  him  on  Twitter 
(@deanitla). 


THE  NEWEST  fantastic  animal  to  inhabit  the  human  imagination  — 
joining  a  long  list  that  includes  the  dragon,  Gorgon,  Loch  Ness  mon 
ster,  sphinx,  unicorn  and  yeti  —  is  the  data  scientist.  This  mythical 
beastie  has  come  to  dominate  the  dreams  of  many  of  the  otherwise 


sane  people  who  run  organizations.  They  see 
themselves  locked  in  an  epic  struggle,  coming  up 
against  a  horde  of  data  but  armed  with  inadequate 
skills.  As  this  pitched  battle  rages,  the  cry  is  heard: 
“Data  scientists  will  save  us!” 

Feeding  this  vision  are  troubadours  with  Power¬ 
Point  presentations.  They  show  up  on  the  big  data 
rubber-chicken  circuit  —  that  surfeit  of  conferences 
ginned  up  to  take  advantage  of  the  rapidly  growing 
interest  in  high-end  analytics  —  to  sing  a  narrative 
with  three  verses:  There  is  ever  more  data,  goes  the 
first.  There  is  potentially  huge  value  in  that  expand¬ 
ing  data  set,  runs  the  second.  There  is  a  rich  and 
rapidly  expanding  tool  set  to  assist  in  extracting 
value  from  that  data,  concludes  the  third.  These 
are  sung  in  a  round  over  and  over  and  over,  but  the 
air  finishes  on  a  very  different  note,  with  the  sage 
on  the  stage  saying  something  to  this  effect: 

“And  oh,  by  the  way,  you  need  really  bright 
analytic  geniuses/rocket  scientists/quants/data 
scientists,  who  are  very  rare  and  very  expensive. 
Despite  this,  you  should  buy  our  tools  and  get 
started  anyway.” 

Naturally,  outcomes-focused  executives  in  the  au¬ 
dience  find  that  conclusion  monumentally  unsatis¬ 
fying.  But  if  data  scientists  are  very  rare,  they  decide, 
they  will  find  them  —  and  recruit  them  at  any  price. 
(See  “Spring  Training  for  BI  Experts,”  page  28.) 

At  the  IT  Leadership  Academy,  we  wanted  to 
find  out  where  this  obsession  with  the  mythical 
data  scientist  was  heading.  We  interviewed  over 
100  executives  charged  with  leading  the  charge  to 
analytic  competence  in  their  organizations.  It  was 


generally  agreed  that  data  science  and  analytics 
is  a  multidisciplinary  field,  and  it  was  widely  con¬ 
ceded  that  it  is  virtually  impossible  to  find  all  the 
necessary  analytical  skills  resident  in  one  human 
being.  The  non-hysterical  in  the  bunch  have  ratio¬ 
nally  concluded  that  rather  than  stalk  a  mytho¬ 
logical  life  form  —  a  data  scientist  with  all  the 
skills  required  —  they  should  adopt  an  “ensemble” 
approach  to  the  deficit  in  analytical  skills. 

Here’s  how  Scott  Friesen,  director  for  market¬ 
ing  analytics  and  customer  insights  at  Ulta  Beauty, 
explains  this  idea:  “You  have  to  create  a  portfolio 
of  talent  within  a  team.  For  example,  you  might 
have  someone  who  is  a  great  statistician  but  doesn’t 
know  database  query  mechanisms.  So  someone 
else  on  the  team  does  the  SQL  pulls  for  the  statisti¬ 
cian,  who  hands  off  to  the  best  communicator.  That 
is  who  communicates  the  message  to  the  business.” 

Glenn  Wegryn,  director  emeritus  of  operations 
research  at  Procter  &  Gamble,  skinned  the  analyt¬ 
ical  talent  deficit  in  a  very  innovative  way.  As  part 
of  a  multipronged  talent  strategy,  he  scoured  the 
enterprise  for  employees  who  had  analytical  train¬ 
ing  but  weren’t  employed  in  analytical  jobs.  This 
was  a  rich  source  of  affordable  raw  quantitative 
skill.  And  that  should  not  be  surprising.  Just  about 
every  student  participating  in  the  6th  Annual 
EEIC  Engineering  Capstone  Design  Showcase  at 
Ohio  State  University  demonstrated  the  raw  skills' 
necessary  to  create  value  with  data. 

So  forget  about  the  data  scientist  bogeyman.  If 
you  are  eager  to  create  value  with  data,  go  out  and 
repurpose  an  engineer.  They  will  love  you  for  it.  ♦ 


14  COMPUTERWORLD  MAY  6.  2013 


i  m 


ForgeRock  O  en  Identity  Stack  is  built 
by  design — never  by  acquisition.  Protect 
your  private,  hybrid,  and  public  c]  ouds,  and 
SaaS,  mobile,  and  enterpris  e  systems  with 
the  only  unified,  100%  open  source 
dentity  stack. 


•  St,-  V  * 

SB  vV 


‘  *•  i 


ForgeRock 


*•  •  ,  . .  ■ 

■  •  ■ 

Visit  us  online  a 

_  u' 

forgerock.co 

mJP 

■ 


SPOTLIGHT  |  OPEN  SOURCE 


Open-source  software  throws  a  wrench 
into  traditional  software  evaluation 
criteria.  Here’s  what  to  look  for  and 
what  you’ll  be  expected  to  contribute. 

BY  STACY  COLLETT 


WHEN  WEST  TEXAS  A&M  UNIVERSITY  wanted 
to  develop  a  single  sign-on  portal  for  its  8,ooo 
students  that  would  unify  its  Web  applica¬ 
tions,  student  resources  and  social  networking 
services,  a  steering  committee  came  up  with 
a  list  of  six  criteria  for  evaluating  available 
software.  They  would  compare  software  systems’  features,  mobility, 
single  sign-on  capabilities,  look  and  feel,  and  flexibility,  as  well  as 
their  ability  to  integrate  with  existing  Web  applications. 


16  COAIPUTERWORLD  MAY  6.  2013 


VIKTOR  KOEN  ILLUSTRATION 


■■  ,,  <5  <->'>'  O  .1  o  V  o  ■>  IMWii 

O  X  a  o  oooou 

■Koooooo  O  O  00000.3 
^£70000000Xi00000l0^ 


oQiii 


0100010 

omo:.o 


%30, 


SPOTLIGHT 


OPEN  SOURCE 


But  this  wasn’t  an  apples-to-apples 
comparison.  CIO  James  Webb  threw 
in  a  pair  of  open-source  projects  to 
be  considered  alongside  commercial 
software  packages.  While  it  was  easy 
to  compare  the  systems  on  many  of 
the  criteria  (the  open-source  pair 
won  in  all  six  categories),  the  com¬ 
mittee  had  to  add  another  question: 

How  strong  is  the  open-source  user 
community,  and  could  it  help  the  uni¬ 
versity  achieve  its  goals?  The  answer 
was  yes,  and  the  Canyon,  Texas-based 
school  chose  the  two  open-source 
tools:  uPortal,  an  architecture  based 
on  Java  and  XML,  which  also  includ¬ 
ed  support  for  mobile  devices,  and 
Jasig’s  Central  Authentication  Service 
(CAS)  for  its  single  sign-on  service. 

“One  of  the  main  reasons  we 
went  with  the  uPortal  open-source 
solution  is  that  Yale,  Rutgers  and  the 
University  of  Wisconsin-Madison  are 
the  major  developers.  So  I  guess  you 
could  say  it  was  built  by  higher  ed  for 
higher  ed,”  says  Webb.  “We  know  we 
have  an  ecosystem  of  great  universi¬ 
ties  that  are  contributing  to  the  open- 
source  initiative,  supporting  it  and 
providing  additional  features  to  keep 
this  product  innovative.” 

Open  source  is  the  new  X  factor  in  software  selection.  More 
than  50%  of  all  software  purchased  will  be  open  source  by  2017, 
according  to  a  2012  survey  of  740  enterprises  released  by  a  col¬ 
laboration  of  26  open-source  companies.  That  finding  signals  a 
tipping  point  for  open-source  software  adoption  in  the  enterprise 
and  nontechnical  fields  such  as  the  automotive,  healthcare  and 
financial  services  industries.  Choosing  the  right  open-source 
offering  could  be  critical  to  an  organization’s  success.  But  evalu¬ 
ating  an  open-source  project  holds  more  caveats  and  pitfalls  than 
picking  traditional  software.  IT  departments  must  consider  the 
culture  of  the  open-source  community,  the  quality  and  timeliness 
of  releases,  the  project’s  governance  model  and  the  availability  of 
support.  They  also  have  to  consider  whether,  and 
to  what  degree,  they’re  willing  to  contribute  code 
and  fixes  back  to  the  community. 

Here,  organizations  that  have  successfully 
adopted  open-source  systems  share  the  criteria 
they  used  to  evaluate  projects  and  their  philosophy 
about  giving  back  to  the  open-source  community. 

‘Projects’  vs.  ‘Products’ 

Many  IT  departments  evaluate  open-source  systems 
the  same  way  they  assess  commercial  products. 

They  look  for  tools  that  offer  superior  functionality 
and  lower  maintenance  and  support  costs.  Many 
also  turn  to  open  source  to  escape  vendor  lock-in, 
foster  sustainability  within  the  IT  infrastructure 
and  spur  innovation  in  IT  operations. 


Making  a 
Difference 

SocialCoding4Good  is  running  a  pilot 
program  with  the  following  nonprofit  or¬ 
ganizations  that  develop  so-called  human¬ 
itarian  free  and  open-source  software: 

■  Benetech  (literacy/education  for  peo¬ 
ple  with  print  disabilities,  environmental 
conservation  and  human  rights) 

■  Code  for  America  Brigade 

(civic  engagement) 

■  FrontlineSMS  (disaster  relief, 
healthcare  and  human  rights) 

■  Moziila  Foundation  (education) 

■  The  Guardian  Project  (human  rights) 

■  Amara,  formerly  Universal  Subtitles 
(accessibility  and  education) 

■  Wikimedia  Foundation  (education) 

SOURCE:  WWW.SOCIALCODING4GOOD.COM 


But  there  are  other  things  to  con¬ 
sider  when  looking  at  open-source 
systems,  such  as  the  culture  of  the 
community,  the  consistency  of  the 
product’s  quality,  and  how  quickly 
the  community  responds  when  secu¬ 
rity  fixes  and  patches  are  needed. 

“It’s  important  to  evaluate  smaller, 
open-source  projects  differently 
than  larger,  corporate-sponsored 
open-source  products,”  says  Tomas 
Nystrom,  a  senior  director  and  global 
lead  for  open  source  at  Accenture. 

There  are  hundreds  of  thousands  of 
small  open-source  projects  or  libraries, 
such  as  NAS  and  Spring,  that  rely 
heavily  on  user  communities.  Then 
there  are  open-source  products,  such 
as  Red  Hat  Linux,  which  are  managed 
by,  and  often  owned  by,  companies  that 
are  in  the  business  of  selling  software. 

Sprint  Nextel  decided  that  a  well- 
established  product  would  best  meet 
its  needs  when  it  ventured  cautiously 
into  open  source,  having  grown  tired 
of  paying  vendors  millions  of  dollars 
in  maintenance  fees  for  Web  and  ap¬ 
plication  server  software,  even  as  the 
need  for  support  declined. 

“We  had  built  an  internal  team  who 
was  responsible  for  the  Web  and  apps 
servers,  and  we  believed  we  could  move  to  an  open-source  product 
and  still  be  successful,”  recalls  Alan  Krause,  director  of  enterprise 
application  integration  at  Sprint.  But  going  it  alone  was  a  scary 
proposition  for  the  CIO  and  a  vice  president,  who  both  wanted  the 
security  of  having  a  vendor  to  lean  on  if  problems  arose. 

“There  really  was  some  trepidation  there,”  Krause  recalls.  So 
the  organization  chose  JBoss  Enterprise  Application  Platform 
as  its  new  middleware  and  Red  Hat  Enterprise  Linux  as  its  new 
operating  system.  It  also  used  Red  Hat’s  consulting  team  to  help 
with  implementation  and  let  a  Red  Hat  relationship  manager 
serve  as  liaison  with  the  open-source  community. 

“We’re  kind  of  dipping  our  toe  into  open  source,”  Krause  says. 
“We’re  still  paying  some  maintenance  for  it, 
but  it’s  significantly  cheaper  than  what  we  were 
paying  before.” 

When  looking  at  open-source  products  like  Red 
Hat,  the  selection  criteria  are  no  different  from 
those  that  apply  to  commercial  software,  Nystrom 
says.  “They’re  considered  to  be  normal  vendors  with 
high-quality  products  that  are  comparatively  cheap.” 

As  open-source  products  gain  traction  at  com¬ 
panies  like  Sprint  Nextel,  IT  departments  will  feel 
more  comfortable  turning  to  smaller,  open-source 
projects  to  foster  innovation,  Nystrom  says.  “If 
you’re  building  something  custom,  it’s  typical  that 
you  use  [open  source]  somewhere  during  develop¬ 
ment,”  he  says.  “It’s  almost  impossible  not  to  use  it 
if  you  want  to  build  a  very  modern  application.” 


18  COMPUTERWORLD  MAY  6.  2013 


l-sSlI..; 


'Bww 


Quickly  and  Easily  Build  Your  Own 
OpenStack  Private  Cloud.  Ask  Us  How. 


www.suse.com/cloud 


SPOTLIGHT 


OPEN  SOURCE 


In  such  cases,  Nystrom  recommends  a  bottom- 
up  approach  for  choosing  open-source  projects. 

“Developers  and  architects  know  what  the 
communities  are  like  and  which  are  the  libraries 
that  are  in  much  use  today,”  Nystrom  says.  “They 
have  a  clearer  view  of  which  library  we  should 
use  for  which  purpose,  or  which  version  of  some 
type  of  persistent  API  we  should  be  using  here,  or 
what’s  the  best  log-in  library.  So  you  can  narrow 
down  the  number  of  libraries  that  are  relevant  for 
the  enterprise  very  quickly  —  from  hundreds  of 
thousands  to  probably  less  than  100,  depending 
on  what  you  want  to  build.”  And  from  there  it’s  a 
quick  move  to  a  few  “usual  suspects,”  he  adds. 

West  Texas  A&M  chose  the  CAS  project  for 
its  single  sign-on  system  because  CAS  had  been 
successfully  deployed  at  Texas  A&M  University 
in  College  Station  “and  the  references  were  solid,”  Webb  says.  His 
team  also  attended  user  events  and  higher-education  conferences 
related  to  CAS  as  part  of  the  decision-making  process. 

It  Takes  a  Village 

For  many  open-source  projects,  the  developer  community  is  the 
lifeblood  of  the  software,  and  those  who  are  new  to  open  source 
should  know  that  these  communities  all  operate  differently. 

The  well-established  Linux  community,  for  example,  has  oper¬ 
ated  under  founder  Linus  Torvalds’  “benevolent  dictatorship” 
since  its  inception.  But  developers  of  new  projects  often  keep 
tight  control  of  their  communities  as  well. 

WibiData,  a  Hadoop-based  user  analytics  company  that  helps 
organizations  build  big  data  applications,  provides  part  of  its  soft¬ 
ware  stack  as  open  source  to  make  it  easier  for  developers  to  build 
big  data  applications  on  an  HBase  NoSQL  database. 


JQ PEN  SOURCE 

Gives  BACK 

SEVERAL  NONPROFIT  open-source  organizations  now 
help  companies  give  back  to  the  community  by  provid¬ 
ing  their  programmers  with  opportunities  to  volunteer 
their  time  and  talents  to  benefit  social  causes. 

Through  the  work  of  nonprofit  organizations  such  as 
Benetech,  FrontlineSMS,  The  Guardian  Project,  Mozilla 
Webmaker  and  Wikimedia  Foundation,  so-called  humanitarian  free  and 
open-source  software  has  emerged  as  an  important  tool  in  tackling 
global  social  challenges,  including  civic  engagement,  disaster  relief,  edu¬ 
cation,  healthcare  and  human  rights. 

Several  tech  companies  already  connect  their  technologists  with  op¬ 
portunities  to  contribute  their  skills  to  projects  that  benefit  social  causes 
-  as  VMware  does  through  its  #ContributingCode  initiative,  for  example. 
But  any  company  can  get  involved  in  such  initiatives. 

What  can  companies  and  employees  gain  by  giving  back?  Plenty, 
accoiding  to  one  of  several  nonprofit  groups  that  organize  open-source 

20  COMPUTERWORLD  MAY  6.  2013 


“Right  now,  99.5%  of  the  software  is  written  by 
our  own  team,”  says  Aaron  Kimball,  chief  archi¬ 
tect  at  WibiData.  “It  takes  a  relatively  long  time  to 
get  people  to  use  it,  and  for  every  50  people  who 
use  it,  one  might  start  helping  to  contribute.” 

Then  there  are  the  radically  democratic  models. 
Developers  who  donate  a  product  to  the  Apache 
Software  Foundation,  for  instance,  must  reach 
a  “lazy  consensus”  with  the  community,  which 
means  “you  need  some  number  of  individuals 
to  give  your  idea  a  thumbs-up  and  for  nobody  to 
give  it  an  explicit  thumbs-down  —  and  if  they 
do,  they  are  obligated  to  work  with  you  to  make 
the  changes,”  Kimball  says.  “It’s  designed  to  slow 
things  down  in  some  ways  so  all  users  can  be 
invested  in  this  and  through  consensus  arrive  at 
the  best  solution.”  Although  the  developers  who 
participate  most  actively  in  writing  source  code  are  expected  to  be 
the  ones  who  are  listened  to  first,  he  adds. 

Is  It  Better  to  Give  Than  to  Receive? 

IT  departments  might  think  that  when  they  buy  into  open  source 
they  also  have  to  actively  participate  in  the  community  to  ensure 
its  survival.  But  that’s  not  always  the  case. 

With  widely  used  open-source  products  like  Red  Hat, 

“[vendors  are]  very  much  in  control  of  the  community,”  Nystrom 
says.  And  while  they  do  take  from  the  community,  “they  still 
control  the  product,”  he  adds.  “They’re  not  dependent  on  the 
community  for  the  product  to  be  stable  and  go  forward.” 

Sprint  Nextel  currently  relies  on  Red  Hat  consultants  as  its 
liaison  with  the  open-source  community,  but  Krause  believes  the 
company  will  need  less  hand-holding  as  time  goes  by.  “We  will 
eventually  move  away  from  Red  Hat  being  our  support  system 


projects  to  improve  the  lives  of  people  worldwide. 

“It  creates  a  tremendous  professional  development  opportunity  for 
employees,”  says  Gerardo  Capiel,  vice  president  of  engineering  at  Bene¬ 
tech,  which  sponsors  open-source  projects  benefiting  literacy  and  edu¬ 
cation,  environmental  conservation  and  human  rights.  Some  programs 
leverage  their  company’s  existing  technologies  and  can  influence  how 
they  affect  the  world.  Others  let  programmers  choose  their  own  cause 
from  a  list  of  nonprofits. 

Contributing  to  social  change  can  have  an  impact  on  employees,  as 
well.  Programmer  Abhi  Mahule  was  looking  to  donate  his  skills  and  time 
to  a  cause  when  he  learned  about  Benetech,  which  wanted  to  build  an 
Android-based  e-book  reader  for  the  visually  impaired.  Mahule  took  an 
existing  open-source  e-book  reader  and  adapted  a  version  for  Android 
that  could  “read"  books  aloud  as  audio.  He  built  a  prototype,  and  Bene¬ 
tech  secured  funding  from  the  U.S.  Department  of  Education  to  bring  it  to 
market.  Today,  thousands  of  people  use  the  app,  Capiel  says. 

The  project  “helped  me  (honel  my  technical  skills,”  says  Mahule,  but 
adds  that  the  intangible  benefits  were  more  significant.  “It  was  a  source  . 
of  joy  and  a  nice  feeling  that  in  a  small  way  you’re  able  to  contribute,"  he 
says.  “You  should  always  look  out  for  a  larger  cause  for  the  greater  good. 
This  is  the  perfect  opportunity  for  that." 

-  STACY  COLLETT  . 


i 


Virtually  Unmatched. 

Get  to  know  KVM.  Choice  in  Enterprise-Class  Virtualization. 

. 


www.openvirtualizationalliance.org 


Sponsored  by  OVA  Governing  Members 


SPOTLIGHT 


OPEN  SOURCE 


and  work  directly  with  the  open-source  com¬ 
munity,”  he  says. 

For  users  of  smaller  open-source  libraries 
or  projects,  communities  are  much  more 
important. 

“There’s  just  a  group  of  people  who  put 
this  together,  and  there  might  not  be  a 
commercial  entity  behind  it,”  Nystrom  says. 

In  these  cases,  developers  are  expected  to 
contribute,  but  what  if  they  refuse? 

One  open-source  user  says  it’s  hard  to  con¬ 
tribute,  or  “pay  it  back,”  when  the  product  is 
industry-specific. 

When  Hallmark  Services  Corp.  (HSC)  in 
Naperville,  Ill.,  was  overhauling  its  back-end 
systems,  it  bought  a  license  for  the  open- 
source  code  of  Healthation,  a  commercial 
off-the-shelf  system  for  administrating 
healthcare  business  transactions. 

Taking  an  open-source  approach  reduced 
the  amount  of  labor  required  to  complete  the 
project,  enabling  HSC  to  finish  more  than  nine 
months  early  and  save  $4.8  million  in  labor 
costs,  according  to  Neal  Kaderabek,  CIO  and 
vice  president  of  financial  services.  HSC  is  a  co¬ 
developer  of  the  software  with  Lisle,  Ill.-based 
Healthation,  and  it  has  the  right  to  exclusive 
use  of  functionality  that  it  developed  —  it 
doesn’t  have  to  make  it  available  as  open  source. 

“We  rarely  check  anything  back  in  —  we 
just  take  it  out,  modify  it  and  make  it  unique  to  our  business,”  Kade¬ 
rabek  says,  adding  that  HSC  shares  less  than  half  of  what  it  develops 
with  the  community.  “Frankly,  we  think  that  sets  us  apart  from  our 
competitors,  so  why  would  we  want  to  let  the  world  share  it?” 

He  acknowledges  that  Healthation  was  disappointed  that  HSC 
wasn’t  contributing  to  its  open-source  community.  “Their  view 
was  that’s  what  makes  their  product  more  attractive  to  the  indus¬ 
try.  But  in  this  case,  I  just  felt  like  it  was  our  secret  sauce,”  he  says. 

That’s  not  often  the  case,  industry-watchers  say.  Most  open- 
source  applications  are  essentially  commodities,  and  the  platform 
itself  doesn’t  usually  hold  many  trade  secrets. 

HSC  processes  $3.5  billion  worth  of  insurance  premiums  annually 
and  provides  services  to  about  1.5  million  retail  insurance  members. 

The  company  chose  Healthation  because  it  was  the  only 
healthcare  transaction  software  Kaderabek  knew  of  that  was 
available  as  open  source.  With  Healthation,  HSC  could  kick-start 
its  IT  transformation  project  because  the  majority  of  new  core 
functions  were  already  in  place  and  the  IT  team  had  to  custom¬ 
ize  only  about  one-third  of  the  system. 

“This  [open  source]  out  of  the  gate  was  leaps  and  bounds  ahead 
of  the  design  and  architecture”  of  traditional  software  systems, 
Kaderabek  says.  “It  was  built  on  latest  and  greatest  technology;  it 
used  Web  services;  it  was  .Net  using  SQL  server  —  which  all  met 
our  standards.  We  got  more  done  in  a  shorter  period  of  time  and 
didn’t  have  to  add  extra  resources,”  he  says. 

Kaderabek  says  that  even  when  evaluating  small  or  industry- 
specific  open-source  projects,  IT  shops  should  look  for  vendors 
that  specialize  in  maintaining  an  open-source  offering.  “Make 
sure  there’s  somebody  out  there  who  can  say,  T’ve  done  this  for 


the  last  five  years,  and  I  know  people  who 
have  done  what  you’re  doing,’  in  case  you 
need  help,”  he  says. 

When  lt7s  OK  to  Give  It  Away 

Contributions  to  an  open-source  commu¬ 
nity  don’t  have  to  be  huge  to  be  valuable. 

“If  there’s  a  low-level  feature  that’s  a  more 
convenient  way  to  do  something  —  that  saves 
everybody  time,”  says  WibiData’s  Kimball. 
“Sometimes  even  small  changes  that  may  not 
take  more  than  an  afternoon  to  write  will 
have  an  outsized  benefit  on  usability.” 

WibiData  initially  developed  its  entire 
software  stack  alone,  but  in  September  2012 
it  decided  to  make  part  of  that  stack  available 
as  open  source  and  released  the  Kiji  project 
in  November. 

Offering  some  tools  as  open  source  ben¬ 
efits  WibiData  in  several  ways,  most  notably 
by  broadening  the  company’s  user  base,  says 
Kimball.  Fundamental  layers  of  the  stack 
have  a  low  value,  and  users  won’t  pay  for 
tools  that  aren’t  unique  to  their  business, 
especially  if  similar  tools  are  available.  Open¬ 
sourcing  those  layers  introduces  new  users  to 
other  WibiData  offerings.  “There  are  plenty 
of  people  who  can  make  use  of  these  compo¬ 
nents  who  [weren’t]  customers  or  potential 
customers,  but  now  they’re  using  and  testing 
the  same  software  that  our  paying  customers  use,”  Kimball  says. 
“So  everybody  enjoys  increased  reliability  of  the  overall  system 
by  virtue  of  it  being  more  widely  adopted.” 

Moreover,  open  source  provides  a  foot  in  the  door  to  compa¬ 
nies  that  might  not  be  ready  for  a  big-data  tool  yet.  “If  common- 
based  layers  of  our  overall  system  are  widely  available  through 
open  source,  [developers]  might  just  start  using  it.  And  later 
on,  when  their  organization  needs  to  get  serious  about  using  an 
open-source  application,  it’s  much  easier  for  us  to  go  in  and  sell  to 
those  business  users  because  our  software  already  runs  on  parts 
of  their  stack.  Interoperating  with  it  and  getting  it  to  work  with 
the  rest  of  our  systems  is  much  easier  rather  than  if  they  had 
built  this  same  system  in  a  completely  bespoke  fashion.” 

Kiji  has  received  only  a  few  contributions  from  its  developer 
community  so  far,  but  Kimball  believes  that  will  change.  “For 
every  15  people  who  use  it,  one  might  file  a  bug  report  —  without 
providing  a  fix.  But  it’s  very  early  days,”  he  says.  “Where  this  goes 
is  an  open  question.” 

The  future  of  open  source  in  general  looks  bright.  Broader 
adoption  will  create  larger  communities  for  testing  and  feedback, 
which  in  turn  will  drive  innovation  in  areas  such  as  cloud  com¬ 
puting,  mobile  and  big  data,  according  open-source  vendors. 

The  innovation  cycle  is  also  creating  new  business  models. 
“Open  source  is  key  to  a  company’s  ability  to  innovate  and 
sustain  innovation  with  financial  benefits,  interoperability  and  . 
a  supportive  community,”  Webb  says.  “Those  are  the  things  that 
are  going  to  keep  it  going.”  ♦ 

Collett  is  a  Computerworld  contributing  writer.  You  can  contact 
her  at  stcollett@comcast.net. 


This  [open  source] 
out  of  the  gate  was 
leaps  and  bounds 
ahead  of  the  design 
and  architecture  [of 
traditional  software]. 

NEAL  KADERABEK,  CIO  AND 

VICE  PRESIDENT  OF  FINANCIAL  SERVICES, 
HALLMARK  SERVICES  CORP. 


22  COMPUTERWORLD  MAY  6,  2013 


HP  Cloud  Services 


The  public  cloud  enterprises  rely  on 

Visit  us  at  hpdoud.com 


f  J  «  f  ^ 

:  *  MJllU 

■  -  l 

x  aPSlL 

*  Jv  r 

SPOTLIGHT 


OPEN  SOURCE 


The  most  attractive  aspects 

of  open-source  software  can  also 
be  the  most  problematic:  It’s  free 
and  it’s  just  a  click  away. 

That  means  just  about  anyone 
in  the  office  can  introduce  open 
source  code  into  the  company’s  IT  infrastructure. 

It’s  tempting  for  users  to  think,  “It’s  free,  so 
no  big  deal.  IT  won’t  be  billed  for  it.”  But  IT  still 
has  to  manage  open-source  software  —  and 
that  can’t  happen  if  IT  doesn’t  know  it’s  there. 

It’s  never  a  good  idea  to  have  no  idea  what 
your  engineers  or  other  employees  are  bringing 


Open-source  software  is  free,  flexible  and  adaptable,  but  lax  oversight 
can  obliterate  the  benefits.  Here’s  how  IT  is  keeping  track,  by  mary  k.  pratt 


24  COMPUTERWORLD  MAY  6.  2013 


VIKTOR  KOfN  ILLUSTRATION 


Proven  IT  Leadership  Development 
Designed  and  Led  by  Future-State  CIOs 


»  Chart  your  own  path  based  on  career  aspirations  and  goals 
»  Identify  opportunities  across  known  IT  competencies 
»  Learn  from  high-profile,  experienced  CIO  mentors 
»  Tailor  participation  within  three  areas  of  professional  development 
»  Utilize  Boston  University  and  Harvard  Business  Publishing  courseware 


Pathways:  Start  Your  Journey  Today 

Visit:  council.cio.com/pathways 
Call:  +1  508.766.5696 
Email:  cec  info@cio.com 


Powered  by 


CIO 


CIO  Executive  Council 

Leaders  Shaping  the  Future  of  Business 


THE 

FUTURE-*. 
STATE  CtO 


SPOTLIGHT 


OPEN  SOURCE 


The  risk  might  be  limited,  but  if  [people  start]  sucking  in 
whatever  they  want,  there  can  be  issues.  Open-source  software 
comes  with  all  sorts  of  strings  attached. 

CLARK  D.  ASAY,  VISITING  .ASSISTANT  PROFESSOR.  DICKINSON  SCHOOL  OF  LAW,  PENNSYLVANIA  STATE  UNIVERSITY 


into  the  company.  The  risk  might  be  limited,  but  if  [people  start] 
sucking  in  whatever  they  want,  there  can  be  issues.  Open-source 
software  comes  with  all  sorts  of  strings  attached,”  says  Clark  D. 
Asay,  a  visiting  assistant  professor  at  Pennsylvania  State  University’s 
Dickinson  School  of  Law,  whose  research  focuses  on  legal  issues 
relating  to  the  Internet  and  arising  from  technological  change. 

Each  piece  of  open-source  software  has  specific  license 
requirements  and  possible  restrictions.  At  the  same  time,  the 
software  should  be  documented  and  tracked  to  ensure  that  it’s 
working  properly.  The  problem  is,  many  IT  organizations  aren’t 
applying  good  governance  practices  to  open-source  software. 

“The  overwhelming  majority  of  open-source  assets  used  in 
corporate  IT  are  either  significantly  undermanaged  or  completely 
unmanaged,”  says  Mark  Driver,  an  analyst  at  Gartner. 

Driver  acknowledges  that  management  of  open-source  soft¬ 
ware  is  improving.  He  says  surveys  conducted  in  2008  found 
that  75%  of  Global  1000  companies  didn’t  have  policies  govern¬ 
ing  open-source  software.  Now,  he  says,  75% 
of  companies  reporting  to  him  say  that  they  do 
indeed  have  polices  in  place,  although  Driver 
says  these  polices  aren’t  adequate. 

“When  I  look  at  those  policies,  the  significant 
majority  are  ineffective,”  he  says,  explaining  that 
many  require  voluntary  compliance  or  apply 
only  to  certain  parts  of  the  organization. 

Yet  CIOs  face  real  dangers  if  they’re  not  prop¬ 
erly  managing  their  open-source  assets.  They 
could  get  into  legal  tangles  for  failing  to  adhere 
to  license  restrictions.  They  could  expose  the 
infrastructure  to  security  threats.  Or  they  could 
find  themselves  scrambling  to  fix  glitches  in 
software  they  can’t  quickly  identify  because  they 
have  no  reliable  record  of  what  it  is. 

Steven  Grandchamp  has  seen  companies 
face  serious  problems  because  of  lax  oversight  of 
open-source  software.  “It’s  proliferated  so  much 
and  so  fast  that  now  you  have  organizations  using  it  and  they 
don’t  exactly  know  what  they  have  or  where  it  is.  And  if  you  don’t 
even  know  you  have  it,  then  you  can’t  manage  or  mitigate  the 
risk,”  says  Grandchamp,  CEO  of  OpenLogic,  a  Broomfield,  Colo., 
company  that  helps  organizations  manage  open-source  software. 

For  example,  one  OpenLogic  client  had  problems  with  a 
back-end  system  that  processed  gift  cards  for  a  large  retailer.  The 
system  crashed  just  before  Christmas,  leaving  IT  rushing  to  find 
the  source  of  the  glitch.  Turns  out  there  was  an  implementation 
problem  with  a  piece  of  open  source  code  that  a  developer  —  who 
had  long  since  left  the  company  —  hadn’t  documented. 

It’s  a  classic  example,  Grandchamp  says,  of  IT  neglecting  to 
count  open  source  code  as  a  key  asset  and  therefore  failing  to 
mitigate  the  risks  that  come  with  it. 


“For  some  reason,  it  has  escaped  the  traditional  management 
channels.  It  escapes  procurement  almost  completely  because  [it’s 
free].  And  it  escapes  a  lot  of  technical  evaluation  because  devel¬ 
opers  can  just  download  it,”  he  says. 

Shaya  Phillips,  associate  vice  president  for  IT  at  Fordham 
University,  says  his  IT  department  knows  what  can  happen  when 
open-source  tools  aren’t  managed  properly,  so  it’s  trying  to  get 
ahead  of  that  problem. 

He  and  his  colleagues  see  value  in  open  source  —  it’s  free, 
flexible  and  adaptable.  But  they’re  also  aware  of  the  challenges 
involved  in  maintaining  it.  Phillips,  who  is  active  in  the  Society 
for  Information  Management,  says  it’s  tough  to  determine  when 
to  contribute  changes  to  the  open-source  community,  when  to 
make  updates  and  patches,  and  when  to  pay  for  support  services. 

To  balance  the  risks  and  rewards,  Phillips  says  his  IT  depart¬ 
ment  has  decided  to  steer  clear  of  open  source  for  core  systems, 
such  as  those  running  student  registration,  financials  and  human 
resources,  unless  the  university  can  buy  support 
contracts  for  it.  On  the  other  hand,  Phillips  says 
open-source  software  supports  the  high-speed 
innovation  that  IT  needs  for  a  growing  body  of 
applications,  such  as  mobile  tools. 

And  when  open  source  is  in  the  picture, 
governance  is  essential,  he  says.  The  university’s 
information  security  office  reviews  open  source 
code  proposed  for  use  to  ensure  that  it’s  secure 
and  that  the  university  meets  the  licensing 
terms.  The  project  management  office  tracks 
the  code,  following  the  ITIL  standards  set  up  by 
the  software  development  office.  Programmers 
must  document  what  they  use  where  and  what 
modifications  are  made. 

“We  use  our  own  protocols.  We  document  what 
we  did,  what  we  used,  give  proper  attribution. 

We  have  approved  programming  standards,”  says 
Phillips,  adding  that  staffers  are  asked  to  share  any 
new  code  they  write  with  the  open-source  community. 

Fordham’s  IT  department  tracks  all  of  its  software  using  Sub¬ 
version,  an  open-source  version-control  tool.  Phillips  says  he  can’t 
point  to  any  specific  problem  that  has  been  avoided  to  prove  that 
such  attention  pays  off.  “But  I’m  sure  we  will,”  he  says.  “Already 
it’s  proved  itself  in  that  we  know  when  people  are  working  on  the 
wrong  version  of  software.” 

Mitigating  the  technical  risks  posed  by  open-source  software 
is  one  reason  IT  has  to  do  a  better  job  of  governing  it.  Making 
sure  the  organization  complies  with  all  licensing  and  legal  re¬ 
quirements  is  another,  Asay  says. 

Asay  says  some  developers  might  still  think  that  “open  source” 
means  “in  the  public  domain”  and  that  using  open  source  code 
won’t  infringe  on  anyone’s  intellectual  property  rights.  But,  in 


26  COMPUTERWORLD  MAY  6.  2013 


fact,  open-source  software  comes  with  copyright  protection,  and 
licenses  specify  how  the  code  can  be  used. 

There  are  numerous  open-source  licenses,  with  the  GNU 
General  Public  License  being  the  most  widely  used.  The  licenses 
generally  specify  if  or  when  you  have  to  publicly  disclose  the 
code’s  use,  attribute  it,  and/or  contribute  changes  and  modifica¬ 
tions  back  to  the  community  from  whence  the  code  came. 

Asay  explains  that  restrictions  and  require¬ 
ments  most  often  come  into  play  when  the  entity 
using  the  open  source  code  distributes  the  final 
software  package  to  someone  else. 

“If  people  are  just  pulling  it  in  and  there’s  zero 
chance  it  will  make  it  out  the  door,  no  one  will 
know  about  that  use,  so  you  don’t  have  license 
obligations.  Distribution  is  the  trigger  that 
makes  the  license  obligations  real,”  he  says. 

But  in  this  day  and  age,  when  so  many  IT 
organizations  develop  apps  for  customers  to  use 
when  interacting  with  companies,  developers 
may  cross  that  distribution  threshold  more  often 
than  they  realize,  Asay  says.  And  that  could 
mean  legal  trouble. 

“You  have  this  culture  [that  thinks]  ‘Hey, 
we’re  free  to  use  it.  We  can  avoid  having  to 
reinvent  the  wheel.’  But  if  you  don’t  follow  the 
license  conditions,  then  the  copyright  holder  can  bring  an  injunc¬ 
tion  and  get  statutory  damages,”  Asay  says. 

Ramaswamy  Nagappan,  co-CIO  at  Pershing,  says  such  risks  are 
why  open-source  software  needs  as  much  management  as  —  if  not 
a  bit  more  than  —  commercial  software.  And  that’s  why  Pershing 
has  detailed  protocols  for  when  and  how  it  uses  open  source. 

Those  protocols  first  require  that  the  open  source  code 
proposed  for  use  undergoes  a  legal  review  to  check  its  licensing 


terms  and  contribution  requirements,  and  to  determine  if  there’s 
any  threat  of  IP  or  patent  infringement.  (Nagappan  notes  that 
commercial  software  also  goes  through  a  legal  review,  but  that 
happens  later  in  the  procurement  process.) 

“Then  we  do  a  small  pilot.  A  small  team  downloads  it,  they 
make  sure  it’s  working,  then  goes  into  the  development  cycle 
—  they  test  it  and  make  sure  there’s  no  bug.  It’s  like  a  proof  of 

concept,”  he  says,  noting  that  IT  also  looks  at  the 
total  cost  of  ownership  and  compares  it  against 
the  TCO  of  comparable  commercial  products. 

If  it  passes  all  those  checks,  the  code  then 
becomes  part  of  the  company’s  catalog  of  open- 
source  options,  which  are  tracked  in  Pershing’s 
own  free  and  open-source  software  manage¬ 
ment  application.  That  ensures  that  “people 
don’t  download  something  that  does  the  same 
function  as  something  we  already  have,”  he  says. 

Karim  R.  Lakhani,  an  associate  professor  at 
Harvard  Business  School  who  has  extensively 
studied  the  emergence  of  open-source  software 
communities,  says  more  organizations  are  de¬ 
veloping  strong  management  policies,  aided  by 
evolving  tools  and  service  providers.  But  more 
organizations  still  need  to  take  up  the  charge. 
“IT  executives  do  need  to  pay  attention  to  this 
and  create  an  inventory  of  code  they’ve  brought  in,  with  what  the 
licenses  are.  But  most  organizations  don’t  have  good  control  over 
what  their  obligations  are,  both  to  the  commercial  sector  as  well 
as  to  the  open-source  sector,”  he  says.  But  they  should,  he  adds, 
noting  that  “software,  both  open  source  as  well  as  commercial, 
comes  with  a  lot  of  encumbrances.”  ♦ 

Pratt  is  a  Computerworld  contributing  writer  in  Waltham,  Mass. 
Contact  her  at  marykpratt@verizon.net. 


Checklist  of 

BEST  PRACTICES 

CIOs  LOOKING  TO  FORMULATE  and  enforce  open-source 
software  management  policies  should  first  stop  segre¬ 
gating  open-source  applications  from  commercial  appli¬ 
cations,  says  OpenLogic  CEO  Steven  Grandchamp. 

“Remove  the  ‘open  source,’  because  open-source  software 
is  just  software,”  he  says,  adding  that  the  best  practices  that 
IT  uses  when  managing  commercial  software  apply  to  open  source  code,  too. 

But  Grandchamp  and  others  say  open-source  management  protocols 
benefit  from  other  strategies  too.  He  and  others  recommend  the  following: 

■  Start  with  a  detailed  policy.  “You  have  to  make  some  statements 
about  what  you’re  willing  to  do  and  not  willing  to  do,”  Grandchamp  says. 

“The  big  thing  about  the  policy  is  understanding  the  risk  tolerance  of  the 
company,  because  it  really  should  be  a  risk-based  policy.” 

■  Understand  the  licensing  terms  of  the  various  open-source  tools 
that  your  organization  is  using  or  might  consider  using. 

■  Track  open-source  software  once  it's  in  the  door.  It’s  especially 


important  to  “make  sure  it’s  patched,”  says  Gartner  analyst  Mark  Driver. 

■  Conduct  a  sample  scan  or  audit.  As  is  the  case  with  financial  audits, 
it’s  impossible  to  conduct  a  comprehensive  check  of  everything  that’s  done 
using  open  source,  but  you  can  look  at  a  sampling  of  uses  and  make  sure 
they  meet  all  the  applicable  guidelines,  says  Grandchamp. 

■  Use  a  compliance  checklist.  Sources  such  as  Apache  Software  Foun¬ 
dation  or  the  Linux  Foundation  have  examples  that  you  can  follow. 

■  Check  applications  you  distribute  externally  to  see  if  they  use 
open  source  code.  As  Penn  State  assistant  professor  Clark  D.  Asay  points 
out,  many  open-source  license  requirements  are  triggered  when  code  is 
distributed  to  users  outside  of  your  organization. 

■  Develop  a  system  to  identify  open-source  software  that  could  be 
of  value  to  your  organization.  This  system  should  take  into  account  your 
needs,  the  software’s  capabilities  and  license  requirements  and  restrictions, 
Driver  says.  “Sometimes  you  have  a  good  fit  for  code  but  not  a  good  fit  on 
the  license,"  he  says.  “Not  all  open-source  licenses  are  created  equal.” 

■  Devise  a  strategy  for  how  your  engineers  will  work  with  and  engage 
the  open-source  community. 

■  Communicate  policies  throughout  your  entire  organization. 

“It  can’t  be  just  in  IT,  because  you  might  have  people  in  other  departments 
downloading  it,”  Driver  says. 

-  MARY  K.  PRATT 


COMPUTERWORLD.COM  27 


CAREERS 


It’s  a  whole  new 
ballgamefor 
traditional  data 
analysts,  as  training 
focuses  on  deep 
knowledge  of  statistics 
and  computer  science. 

BY  JULIA  KING 


SPRING 

TRAINING 

for  Bl  Experts 


SSnioq 


SK  A  DOZEN  CIOs  what  tops  their  list  of  strategic  priorities  and 
odds  are  exceedingly  good  that  “big  data”  ranks  either  first  or 
second.  One  of  the  greatest  challenges,  they’ll  tell  you,  is  finding  the 
talent  they  need  to  analyze  and  wring  business  value  from  the  ever- 
increasing  volume  of  complex  data  flooding  their  enterprises.  What 
they  need,  they  say,  are  good  data  scientists  —  and  lots  of  them. 

In  one  of  the  most  frequently  cited  reports  on  the  topic,  the 
McKinsey  Global  Institute  estimates  that  there  will  be  a  short¬ 
fall  of  190,000  data  scientists  in  the  IT  job  market  by  2018. 


28  COMPUTERWORLD  MAY  6.  2013 


GiTTV  IMAGES  /  THINKSTOCK 


But  how  exactly  do  you  become  one  of  these  in- 
demand  big  data  specialists?  Is  it  a  matter  of  training, 
certification  or  both?  Is  it  simply  the  next  logical 
career  step  for  a  traditional  business  intelligence 
expert?  Is  a  computer  science  degree  required? 

As  it  turns  out,  there  is  no  one  right  answer, 
at  least  not  at  the  moment.  Instead,  it’s  largely  a 
scramble  out  there  on  the  big  data  field. 

“Big  data  is  like  a  kids’  soccer  game.  Everyone  is 
running  to  the  ball,  but  no  one  knows  exactly  what  to 
do  with  it.  It  has  created  a  huge  competition  for  people,” 
says  Greg  Meyers,  CIO  at  Biogen  Idee  in  Weston,  Mass. 

“It’s  a  very  fluid  area,”  agrees  Michael  Rappa,  exec¬ 
utive  director  of  the  Institute  for  Advanced  Analytics 
at  North  Carolina  State  University.  “Depending  on 
what  industry  you’re  in  or  what  company  you  talk  to, 
it’s  a  different  reality  when  you  talk  about  big  data.” 

While  a  single  definition  might  be  elusive,  aca¬ 
demic,  career  and  business  experts  agree  that  there 
are  certain  fundamental  tasks  that  all  data  scientists 
need  to  perform  and  certain  skills  that  are  required 
to  perform  them  well.  The  main  pillars  of  the 
discipline  are  data  clustering,  data  correlation,  data 
classification  and  anomaly  detection. 

Or,  as  Rob  Bird,  a  data  scientist  and  CTO  at  Red 
Lambda,  a  provider  of  predictive  security  analytics, 
puts  it,  “You  make  data  simpler,  find  relationships, 
find  the  weird  stuff,  and  then  make  predictions.” 

Universities  Step  Up 

The  skills  required  to  perform  these  tasks  cut  across 
traditional  academic  disciplines,  including  statistics, 
mathematics  and  computer  science.  This  is  why 
several  schools,  including  New  York  University  and 
NC  State,  offer  specialized  data  scientist  certification 
and  degree  programs. 

“Data  used  to  be  something  you  collected.  It  had 
neat  rows  and  columns,”  explains  Rappa.  “You  ran 
experiments  that  were  time-consuming,  laborious 
and  costly,  and  you  didn’t  have  a  lot  of  data  so  you 
dealt  with  sample  sizes.” 

Now,  in  contrast,  “data  comes  streaming  off  of  every 
touch  point  you  have  with  employees,  partners  and 
customers,”  he  says.  “Big  data  is  about  talking  all  of  that 
data  together  and  using  it  to  optimize  business  or  in¬ 
ventory  levels  or  to  better  target  customers.  That’s  the 
trick  of  the  whole  thing.  You  need  people  who  are  good 
at  handling  large  volumes  of  data  and  have  knowledge 
of  math  and  statistics  to  analyze  the  data.” 

Recognizing  this  as  early  as  2005,  NC  State 
created  the  Institute  for  Advanced  Analytics,  which 
pulls  together  faculty  members  from  various  disci¬ 
plines  and  teaches  data  science  “in  a  very  integrated 
way,”  Rappa  says.  Students  take  technical  courses  in 
statistics,  finance  and  business,  and  they  learn  com¬ 
munications  and  teamwork  skills,  which  Rappa  says 
“almost  always  trump  the  technical  skills,”  as  far  as 
employers  are  concerned. 

Teamwork  skills  are  critical,  he  says,  because  “you 


“"I  soccer 
is  running 
to  tne  Dan,  out  no  one  knows 


exactly  what  to  doWfth  it.  It 


has  created  a  huge  competition 
for  people. 


GREG  MEYERS,  CIO.  BIOGEN  IDEC 


COMPUTERWORLD.COM  29 


CAREERS 


DATA  SCIENCE  VS.  BUSINESS  INTELLIGENCE: 

What’s  the  Difference? 

THE  TERMS  “data  science"  and  “business  intelli¬ 
gence”  seem  to  be  used  a  lot  in  connection  with  big 
data,  but  they’re  really  very  different  disciplines. 

Experts  say  data  science  is  all  about  predicting  the 
future,  while  Bl  involves  producing  static  reports. 

“Traditional  Bl  engineers  are  effectively  reporting 
information  as  is.  even  if  they’re  reporting  trends  and 
standard  deviations  away  from  the  norm,”  says  Andrew  Dempsey. 


director  of  DVD  Bl  and  analytics  at  Netflix. 

“They  aren't  really  discovering  new  nuggets  of 
information.  The  data  is  what  it  is.” 

|Hr: ::  But  with  data  science,  there's  an  element  of 

mystery.  For  example,  Netflix  looks  at  histori¬ 
cal  data  “to  identify  why  someone  is  more  or 
less  likely  to  churn  because  of  their  behavior." 
Dempsey  explains.  “There's  more  uncertainty 
*  there  because  on  an  aggregate  level,  a  lot  of 

^^g«jg  people  may  have  similar  viewing  habits,  but  on 
an  individual  level,  everyone  is  different." 

I  Another  key  difference  between  the  two  disci- 

plines  has  to  do  with  the  data  itself. 

First,  there’s  the  sheer  volume  of  data.  “With  so 
much  data,  you  need  to  assimilate  it  to  look  at  the 
exceptions,  rather  than  the  reports,"  says  Biogen 
Idee  CIO  Greg  Meyers.  The  pharmaceutical  manu¬ 
facturer,  he  says,  continually  reviews  data  from 
signals  throughout  the  manufacturing  process  to 
detect  when  events  are  out  of  tolerance  levels. 
When  an  anomaly  is  detected,  a  different  operat¬ 
ing  procedure  is  triggered,  “it's  all  about  trying 
to  make  sure  the  process  of  how  we  manufacture 
is  as  controlled  as  possible."  Meyers  says.  “We've 
|jk  matured  our  analytics  process  by  looking  at  data 

across  batches  so  we  look  at  trends  to  reduce  the 
variability  of  certain  things." 

Another  challenge  is  dealing  with  the  variability  of  big  data. 

Josh  Williams,  a  data  scientist  at  Kontagent,  notes  that  “in  classic 
Bl  systems,  you  usually  have  highly  structured  data  -  things  like 
customer  profiles.  You  come  up  with  an  analysis  by  correlating  that 
data  and  running  regressions  on  it.” 

In  today's  big  data  environment,  in  contrast,  “you  have  a  mess  of 
complex  data  and  you  have  no  idea  how  the  features  you  may  be 
looking  at  -  the  input  factors  -  relate  to  the  output,”  Williams  says. 
The  upshot  is  that  data  science  is  “much  more  exploratory.  It’s  eas¬ 
ier  to  shoot  yourself  in  the  foot.  You  have  to  be  much  more  rigor¬ 
ous.  It’s  much  more  difficult  to  do  the  analysis,  which  is  why  there 
is  so  much  more  research  around  machine  learning."  he  adds. 

-  JULIA  KING 


AHgr  & 

m,  m 

[In  data  science]  you  need 
people  who  are  good  at  handling 
large  volumes  of  data  and  have 
knowledge  of  math  and  statistics 
to  analyze  the  data. 

MICHAEL  RAPPA,  EXECUTIVE  DIRECTOR,  INSTITUTE  FOR  ADVANCED 
ANALYTICS.  NORTH  CAROLINA  STATE  UNIVERSITY 


can’t  wrap  up  all  of  the  [data  scientist]  skills  you  need 
in  a  single  person.”  (See  “Stalking  the  Elusive  Data 
Scientist,”  page  14.)  Instead,  data  scientists  typically 
work  in  teams.  IBM,  for  example,  mixes  statisticians 
with  MBAs  in  its  Data  Analytics  Center  of  Excellence, 
which  helps  businesspeople  determine  what  questions 
they  need  data  to  answer.  The  center’s  goal  is  to 
generate  revenue  through  a  marriage  of  business  sawy- 
and  analytics,  says  CIO  Jeanette  Horan.  One  project 
optimized  sales  coverage  in  the  170  countries  in  which 
IBM  operates,  yielding  a  10%  performance  improvement 
in  territories  where  the  models  were  applied. 


30  COMPUTERWORLD  MAY  6.  2013 


thinkstock 


The  intensive  NC  State  program,  which  students  attend  all 
day,  five  days  a  week  for  10  months,  awards  graduates  a  master 
of  science  degree.  Rather  than  completing  a  final  thesis,  students 
work  in  teams  to  complete  practicum  projects  with  live  data  from 
major  companies,  including  GE  and  GlaxoSmithKline.  Seventy 
percent  of  the  program’s  students  come  from  the  workforce,  many 
of  them  sponsored  by  their  employers.  Most  students  have  at  least 
two  years  of  on-the-job  experience,  and  their  average  age  is  29.  The 
program  costs  $21,000  for  North  Carolina  residents  and  $36,000 
for  everyone  else. 

At  NYU,  the  newly 
launched,  two-year  master 
of  data  science  degree  is  also 
multidisciplinary,  intersecting 
mathematics,  computer  science 
and  statistics.  This  is  because  to 
do  data  science  well,  “you  need 
to  have  expertise  in  all  three,” 
says  Roy  Lowrance,  manag¬ 
ing  director  of  the  university’s 
Center  for  Data  Science. 

Lowrance  emphasizes  that 
data  scientists  also  require 
what  he  calls  “application 
knowledge.”  Without  it,  “you 
have  no  intuition  about  what 
to  work  on  and  test,  especially 
in  business,”  he  explains. 

What  Lowrance  refers  to 
as  application  knowledge, 
some  other  experts  describe  as 
domain  expertise.  But  whatever 
you  call  it,  all  agree  that  it’s 
absolutely  essential  for  data 
scientists  in  the  business  world. 

Because  data  scientists 
are  charged  ultimately  with 
showing  business  value, 
knowing  a  particular  busi¬ 
ness  is  critical  “because 
there’s  a  lot  of  nuance  in  each 
domain,”  says  Josh  Williams, 
a  data  scientist  at  Kontagent, 
a  company  that  finds  and 
identifies  customer  behavioral 
insights  from  social,  mobile 
and  Web  data  in  real  time. 

“A  data  scientist  is  someone 
who  is  familiar  with  statis¬ 
tics  and  classical  mathematical  analysis,  and  they  need  a  strong 
background  in  programming  and  computer  science  or  at  least  the 
ability  to  get  things  done  in  a  programming  language,”  Williams 
says.  “But  they  also  need  domain  expertise  around  how  to  apply 
different  automated  analysis  algorithms  to  a  given  domain.” 

However,  he  adds,  “data  science  skills  are  not  necessarily 
industry-transferrable”  because  the  volume  and  complexity  of 
data  varies  from  industry  to  industry.  “We’re  dealing  with  orders- 
of-magnitude  greater  volumes,  but  the  really  important  part  is 
that  the  data  is  much  more  rich  and  complex,”  Williams  says. 


Training  Options 

The  optimal  place  to  gain  domain  expertise  is  on  the  job.  But  for 
people  interested  in  improving  their  technical  skills,  there  are 
options  beyond  university  programs. 

“There  are  a  lot  of  good  math  and  statistics  courses  online, 
and  many  computer  science  courses  online,  too,”  says  NYU’s 
Lowrance.  Additionally,  vendors  in  the  big  data  market,  such  as 
Cloudera,  are  developing  extensive  training  programs  for  would- 
be  big  data  professionals. 

Cloudera  offers  instructor-led  training  both  in  classrooms 

and  online.  The  training  is 
segmented  by  professional 
roles,  such  as  developer  and 
analyst,  and  by  application. 
For  example,  students  might 
take  a  course  in  developing  a 
recommendation  system  on 
Cloudera’s  big  data  platform. 

One  of  Cloudera’s  most 
popular  courses  is  geared  to 
developers,  primarily  those 
using  Java.  “They  may  write 
MapReduce  applications, 
taking  a  Web  log,  which  is 
very  often  used  because  now 
it  can  be  stored  and  ana¬ 
lyzed,”  says  Sarah  Sproehnle, 
vice  president  of  educational 
services  at  Cloudera.  “[Then 
they’ll]  do  a  simple  analysis, 
perhaps  counting  the  number 
of  times  various  IP  addresses 
access  their  Web  pages. 

From  there,  they  can  expand 
to  forming  a  geographical 
look-up  to  see  where  their 
geographical  Web  activity  is 
coming  from.” 

Cloudera  reports  that  it 
trained  15,000  developers  in 
2012,  and  it  offers  new  classes 
every  week,  around  the  globe. 

“The  audience  we’re 
aiming  for  are  not  yet  calling 
themselves  data  scientists,” 
says  Sproehnle.  “They  may  be 
software  engineers  or  statisti¬ 
cians,  and  they  need  to  be 
equipped  with  what  it  takes 
to  [operate]  in  this  new  big-data-driven  environment.” 

The  training  does  focus  exclusively  on  Cloudera’s  big  data 
platform,  but  it  also  covers  more  fundamental  big  data  concepts, 
such  as  machine  learning,  classification  and  clustering,  she  says. 

The  company  also  offers  a  certification,  which  Sproehnle  says 
“is  beginning  to  appear  on  Linkedln  profiles  and  job  descriptions 
looking  to  hire  big  data  professionals.” 

“In  technologies  this  young  and  new,”  she  adds,  certification 
“offers  a  level  of  comfort  that  [an  applicant]  has  more  to  ofter 
than  that  they  read  a  few  pages  in  a  book.”  ♦ 


Next-Gen  Firewalls. 


Born  for  carriers. 


Bred  for  your  enterprise. 


Introducing  the 

Dell  SonicWALL  SuperMassive  9000  Series. 

Engineered  to  address  the  security  and  high  performance 
demands  of  carriers  and  service  providers,  the  Dell™  SonicWALL™ 
SuperMassive™  Next-Generation  Firewall  platform  examines 
every  packet  without  compromising  network  performance. 
The  new  Dell  SonicWALL  SuperMassive  9000  Series  offers 
that  same  high  level  of  protection  and  performance  to  the 
enterprise  in  a  one- rack  unit  (1U)  appliance  that  saves  space, 
power,  and  cooling  costs. 

sonicwall.com/SuperMassive9000 


— ‘-I '  The  power  to  do  more 

Copyt  jhuSHJD 'oc  Al  ights  reset'aisf  DeBSorncWAU  *  a  trader-M*  £k*  r< 
ott  «r  fe  ‘jOrtcWAl.Lpriaik  i  mo  ■i’tvuronaiTies  aid  sieiia/is  0eS!r-,c 


COMPUTERWORLD.COM  31 


Security 
T  Manner's  -i 

Journal 

Plans  Are  Made  to  Be  Revised 

The  company’s  incident-response  plan  needs  to  he  updated. 
That’s  normal  -  no  plan  is  carved  in  stone. 


E  SECURITY  MANAGERS 

are  always  document¬ 
ing  processes  and  plans. 
It’s  a  task  without  end, 
because  you  have  to 
dust  off  those  documents  every  once  in  a 
while  and  think  about  how  they  could  be 
updated.  Organizations’  needs  are  always 
changing,  and  so  is  technology,  so  what 
was  a  great  plan  a  couple  of  years  earlier 
might  have  some  gaping  holes  now. 

Such  was  the  case  with  our  incident- 
response  plan.  I  had  reason  to  review  it 
recently,  and  it  clearly 
needed  modernization. 

One  thing  1  have 
learned  over  the  years 
is  that  it’s  a  mistake  to 
start  from  scratch  with 
these  things.  When  you  model  a  security 
program  against  a  standard,  it  is  likely 
to  receive  less  scrutiny  in  an  audit,  since 
it  will  be  in  a  form  that  is  recognizable 
and  accepted  in  the  industry.  That’s  why 
I  decided  to  use  the  incident-response 
recommendations  from  the  National  Insti¬ 
tute  of  Standards  and  Technology  (NIST) 
as  our  starting  point.  Every  organization 
will  want  to  customize  its  plan  for  its  own 
needs,  but  building  on  a  widely  used  and 
solid  framework  is  a  big  help. 


With  NIST’s  recommendations  as  our 
guide,  we  broke  our  incident-response 
process  into  four  phases:  preparation; 
detection  and  analysis;  containment  and 
eradication;  and  post-incident  analysis. 

Preparation  is  in  many  ways  the  most 
important  phase.  It  includes  identifying 
the  members  of  the  crisis  action  team 
(CAT).  Besides  representatives  from 
information  security,  we  wanted  the  CAT 
to  include  Windows  and  Unix  engineers, 
network  engineers,  help  desk  personnel 
and  local  law  enforcement  officials. 

Having  chosen  these 
people,  we  obtained  full 
and  redundant  contact 
information  for  all  of 
them,  so  we  could  be 
sure  we’d  be  able  to 
get  in  touch  with  them  if  there  were  an 
incident.  Then  we  designated  certain 
conference  rooms  to  serve  as  “war  rooms” 
and  secured  a  dedicated  call-in  bridge  and 
an  email-enabled  distribution  list.  In  this 
phase  we  also  lined  up  all  the  relevant 
tools  we  might  need  to  detect  or  respond 
to  incidents,  including  packet  captur¬ 
ing,  malware  analysis,  event  monitoring 
and  forensics  tools.  Finally,  we  identified 
trusted  third  parties  to  be  on  call  in  case 
we  need  expert  assistance. 


Trouble 

Ticket 


The  company's 
incident-response 
process  is  badly  outdated. 


Use  a  good 

model  to  modernize  it, 
and  plan  to  test  it  often  so  it 
stays  up  to  date. 


You  can  never  know  how  a  security 
incident  will  unfold.  With  that  in  mind, 
in  the  detection  and  analysis  phase,  we 
didn’t  try  to  enumerate  every  possible 
scenario.  Instead,  we  listed  common 
events  that  we  see  as  major  concerns. 
These  include  malware  infestations, 
phishing  attacks,  unauthorized  access, 
data  loss,  denial-of-service  attacks  and 
theft.  We  are  also  defining  which  sorts 
of  events  should  trigger  activation  of  the 
CAT.  For  example,  a  single  PC  hit  by 
malware  is  insufficient,  but  the  detection 
of  malware  that’s  quickly  propagating 
could  well  require  a  full  CAT  response. 

To  help  us  decide  when  the  cavalry  is 
needed,  we  are  creating  a  matrix  to  lay 
out  the  criteria  for  escalation. 

For  the  third  phase,  containment  and 
eradication,  we  are  establishing  guide¬ 
lines  on  whether  an  event  requires  evi¬ 
dence  collection,  damage  assessment  and 
identification  of  the  attackers.  We  are 
also  preparing  checklists  to  help  ensure 
proper  eradication  and  containment  of 
whatever  malicious  activity  the  incident 
involves.  For  example,  a  checklist  might 
address  what  to  do  when  a  Windows 
server  is  compromised. 

For  the  post-incident  phase,  we  are 
describing  how  to  ensure  that  we  have 
gathered  all  the  information  necessary 
for  criminal  or  administrative  action, 
and  we  are  including  recommendations 
on  post-mortems  so  we  can  identify  what 
went  well  and  what  needs  improvement. 

Once  the  incident-response  process 
document  is  complete,  we’ll  start  sched¬ 
uling  training  sessions  and  then  regular 
testing  of  the  plan  so  we  can  maintain 
confidence  that  we  are  able  to  effectively 
respond  to  any  incident.  ♦ 

This  week’s  journal  is  written  by  a  real 
security  manager,  “Mathias  Thurman,” 
whose  name  and  employer  have  been 
disguised  for  obvious  reasons.  Contact  him 
at  mathias_thurman@yahoo.com. 


One  thing  I  have  learned  over  the  years  is  it’s  a 
mistake  to  start  from  scratch  with  these  thinp. 


the  discussions  about 
security!  computerworld.com/ 
blogs/security 


32  COMPUTERWORLD  MAY  6.  2013 


Call  for  Submissions 

VMware  Innovation  Awards 

—  Submit  Now 


•  Have  you  and  your  team  completed  a  project  that  had 
a  positive  impact  on  your  company  or  industry? 

•  Was  it  a  project  that  helped  to  transform  the  experience 
for  employees  or  customers? 

•  Did  you  and  your  team  complete  the  project  despite  internal 
and  external  challenges? 

•  Have  you  leveraged  VMware’s  technology? 

Then  it’s  time  to  share  your  story  and  gain  recognition  for  your 
leadership.  Nominations  are  now  being  accepted  for  the  first 
annual  VMware  Innovation  Awards,  produced  by  Computerworld 

The  innovation  categories  are  (multiple  entries  are  accepted): 

—  Driving  Business  Innovation  with  the  Cloud 
—  Enabling  True  Session  Mobility 
—  Leveraging  the  Software-Defined  Data  Center 
—  Transforming  the  Workforce  with  New  Technologies 

Winners  will  be  selected  by  a  prestigious  panel  of  judges 
and  honored  at  VMworld  on  August  27th  in  San  Francisco. 

Get  more  information  and  nominate  your  project: 
http://events.computerworld.com/vmwareawards 


Nomination  deadline:  May  31,  2013 


-  OPINION 

PRESTON  GRALLfl 


Microsoft's  Smartwatch: 
Been  There,  Didn’t  Do  That 


This  is 
shaping  up 
as  another 
example  of 
Microsoft 
getting  to  a 
market  first 
and  failing 
to  cash  in. 


Preston  Gralla  is  a 

Computerworld.com 
contributing  editor 
and  the  author  of 
more  than  35  books, 
including  How  the 
Internet  Works 
(Que.  2006). 


PPLE,  GOOGLE  AND  SAMSUNG  are  all  said  to  be  working  on  smart- 
watches.  This  is  shaping  up  as  yet  one  more  example  of  Microsoft 
getting  to  a  market  first  and  then  failing  to  cash  in. 

Various  reports  say  Apple  is  working  on  what  would  presumably 


be  called  the  iWatch.  Because  we’re  talking  about 
Apple,  there  has  been  no  confirmation  of  those 
reports,  but  as  many  as  too  product  designers  are 
said  to  be  hard  at  work  on  it.  Google’s  Android 
division  may  also  be  working  on  a  smartwatch. 

Its  offering,  sources  say,  would  work  not  only 
with  Android  smartphones  and  tablets,  but  with 
Google  Glass  as  well.  And  Samsung  has  confirmed 
that  it’s  working  on  a  smartwatch. 

With  so  much  activity  focusing  on  the  intersec¬ 
tion  of  technology  and  the  human  wrist,  Micro¬ 
soft  is  paying  attention  and  is  said  to  be  making  its 
own  moves  toward  developing  a  smartwatch.  But 
in  Microsoft’s  case,  that  should  read  “developing 
a  smartwatch  again.”  That’s  because  Microsoft 
pioneered  smartwatches  years  ago,  and  then  aban¬ 
doned  the  concept. 

Nearly  two  decades  ago,  in  1995,  Microsoft  and 
Timex  co-developed  the  Timex  Data  Link  watch, 
which  wirelessly  downloaded  and  displayed  data 
from  Windows-based  PCs.  Though  worn  by  both 
astronauts  and  cosmonauts  on  space  missions 
and  given  Popular  Science’s  Best  of  What’s  New 
Award  and  the  Popular  Mechanics  1995  Design 
and  Engineering  Award,  it  never  made  a  dent  in 
the  market,  and  Timex  and  Microsoft  abandoned 
it.  Then  in  2003,  Microsoft  launched  its  Smart 
Watch,  which  delivered  news,  weather,  traffic 
information  and  more  over  FM  frequencies.  The 
Smart  Watch  was  based  on  Microsoft’s  Smart 
Personal  Objects  Technology  (SPOT),  which  was 
meant  to  be  applied  to  an  entire  fleet  of  gadgets, 
from  coffee  makers  to  GPS  devices. 

That  never  happened.  The  watches  were  bulky 


and  expensive  (one  model  sold  for  $800),  and  the 
SPOT  service  required  a  $59  annual  subscription. 
In  2008,  Microsoft  stopped  selling  the  watches, 
while  still  supporting  transmissions  to  existing 
ones.  At  the  end  of  2011,  it  pulled  the  plug  entirely. 

Now,  in  2013,  Microsoft  finds  itself  not  at  the 
vanguard  of  a  burgeoning  trend,  but  playing  catch¬ 
up.  The  Wall  Street  Journal  says  Microsoft  has  con¬ 
tacted  parts  suppliers  in  Asia  to  ship  components 
for  a  smartwatch.  No  doubt  the  company  has  seen 
Gartner’s  estimate  that  the  wearable  electronics 
market  will  reach  $10  billion  by  2016. 

Why  is  Microsoft  following  and  not  leading? 
One  reason  is  that  there’s  a  disconnect  between 
its  substantial  research  capabilities  and  its  product 
development  efforts.  Microsoft  far  outspends 
Apple  and  Google  on  research  and  development 
—  its  $9.4  billion  budget  is  nearly  double  Google’s 
$5.2  billion  and  more  than  triple  Apple’s  $2.6 
billion,  according  to  S&P  Capital  IQ  —  and  it  has 
been  the  company  with  the  world’s  largest  R&D 
budget  for  the  past  12  months.  Clearly,  Apple  gets 
a  far  bigger  bang  for  its  buck  when  it  comes  to 
matching  research  to  product  development. 

Another  problem  is  Microsoft’s  protect-your- 
own-turf  culture,  which  makes  it  difficult  for  it 
to  develop  products  that  span  departments.  And 
it  doesn’t  help  that  Microsoft  demands  that  all  its 
products  lead  back  to  Windows.  That  hit  of  turf- 
guarding  holds  back  innovation. 

This  all  reminds  me  of  what  happened  with 
smartphones  and  tablets.  In  both  cases,  Microsoft 
had  the  jump  on  Apple  but  couldn’t  cash  in.  It’s  hard 
to  believe  that  things  will  be  different  this  time.  ♦ 


34  COMPUTERWORLD  MAY  6.  2013 


® 


dt  Search 


The  Smart  Choice  for  Text  Retrieval®  since  1991 


Instantly  Search 
Terabytes  of  Text 

•  25+  fielded  and  full-text  search  types 

•  dtSearch's  own  document  filters  support  "Office," 

PDF,  HTML,  XML,  ZIP,  emails  (with  nested  attachments), 
and  many  other  file  types 

•  Supports  databases  as  well  as  static  and  dynamic  websites 

•  Highlights  hits  in  all  of  the  above 

•  APIs  for  .NET,  Java,  C++,  SQL,  etc. 

•  64-bit  and  32-bit;  Win  and  Linux 

Ask  about  fully-functional  evaluations 

www.dtSearch.com  i-soq-it-finds 


m 


% 


MARKETPLACE 

'  ImMf 

lightning  fast’ 

Redmond  Magazine 

"covers  all  data  sources" 

eWeek 

"results  in  less  than  a  second" 

InfoWorld 


hundreds  more  reviews 
and  developer  case  studies 
at  www.dtsearch.com 


dtSearch  products: 

Desktop  with  Spider 

♦  Network  with  Spider 

♦  Publish  (portable  media) 

♦  Web  with  Spider 

♦  Engine  for  Win  &  .NET 

♦  Engine  for  Linux 

♦  Document  filters  also  available 
for  separate  licensing 


Mmm 


Personalized  IT  newsletters 


pick  the  topics.  pick  the  sources.  pick  the  frequency. 

Build  your  own  newsh  tter  featuring  your  favorite  technology 
topics  —  cloud  computing,  application  development,  security  — 
over  200  timely  topics,  from  more  than  700  trusted  sources. 


I  s  free. 

www.techdi  s  p  ense  r.co  m 


t  ‘ 

'  ;  1  ’  ■  i  j 

d 


TECH  Q  DISPENSER 

Disturbingly  personal  n e w s I e 1 1 ers. y \ l M 

--Mil 

'  r  ;  '  "•  3  wV-fM'- 


COMPUTERWORLO.COM  35 


Less  Stress  for  IT? 


A  new  survey  shows  that,  while  stress 
remains  high  for  IT  administrators 
in  the  U.S.,  it's  generally 
down  from  a  year  earlier.  The 

independent  blind  survey  of 
207  IT  administrators  in  ll.S. 
organizations  with  more  than  10 
employees  was  conducted  in  March  on 
behalf  of  GFI  Software.  Here’s  a  look  at 
some  of  the  findings: 


2013  2012 


OT  Extremes 


The  top  three  U.S.  cities  in  which 
respondents  work  more  than  eight 

hours  of  overtime  per  week 

Philadelphia 

47% 

Boston 

43% 

Dallas 

40% 

The  three  U.S.  cities  in  which  the 
greatest  percentages  of  respondents 
do  not  experience  any  overtime 


Austin 

66% 

Charlotte 

60% 

Houston 

50% 

1  am  considering  leaving  my  job 
because  of  workplace  stress. 

57% 

67% 

My  job  is  stressful. 

65% 

69% 

1  feel  the  same  level  of  stress 
or  more  stress  than  others 
in  my  social  circle. 

62% 

72% 

1  have  suffered  stress-related 
health  issues  such  as  high 
blood  pressure  because  of  work. 

21% 

20% 

1  have  lost  sleep  because  of  work. 

34% 

42% 

ASK  A  PREMIER  100  IT  LEADER 

Cynthia  Nustad 

The  CIO  at  HMS  answers  questions 

on  the  job  prospects  for  a  mainframe 
programmer  and  more. 


What  are  the  prospects  these  days  for  an 
unemployed  mainframe  programmer/analyst 
with  30  years  of  experience?  We  just  had  a  very 
lengthy  discussion  on  this  topic  at  my  company. 
We  still  successfully  leverage  the  mainframe  for 
some  of  our  products  and  get  great  performance 
and  scale  from  such  equipment.  One  thing  we 
considered  in  our  discussion  was  whether  there 
would  be  enough  talent  10  to  15  years  from  now 
to  work  on  those  tools.  Our  vendor  was  able  to 
put  our  minds  at  ease  by  telling  us  about  universi¬ 
ties  that  are  growing  their  educational  offerings 
to  teach  students  these  technologies.  In  short,  I 
think  the  prospects  continue  to  be  good  for  expe¬ 
rienced  mainframe  talent. 

I  have  been  considering  a  career  in  computer 
forensics  and  network  administration.  Any 
advice?  These  are  very  exciting  areas  in  IT.  I 
would  recommend  spending  the  time  to  get  cer¬ 


tifications  pertinent  to  the  specific  areas  you  are 
passionate  about.  Yes,  studying  for  certifications 
can  be  time-consuming,  and  clearing  the  testing 
hurdles  is  challenging.  But  certifications  will  set 
you  apart  from  others  trying  to  get  the  same  job 
and  will  help  advance  your  career.  And  because 
network  administration  and  forensics  are  chang¬ 
ing  quickly,  recently  minted  certs  are  a  way  of 
telling  employers  that  you  are  keeping  up  to  date, 

I  liken  the  network  to  the  heartbeat  of  a  compa¬ 
ny  -  you  don’t  want  it  to  skip  a  beat,  so  maximum 
uptime  is  imperative.  That  means 
security  and  risk  management 
should  be  part  of  the  discipline. 

Finally,  you  should  develop 
your  skills  in  public  speaking, 
presentations  and  communica¬ 
tions.  This  is  helpful  for  areas  like 
these  that  are  routinely  audited 
and  reviewed.  And  being  able  to 


If  you  have  a  question 
for  one  of  our  Premier 
100  IT  Leaders,  send 
it  to  askaleadena) 
computerworld.com, 
and  watch  for  this 
column  each  month. 


clearly  explain  key  aspects  of  these  important 
areas  -  such  as  how  they  help  drive  business 
value  -  to  executive  leaders  and  other  nontech¬ 
nical  people  will  also  contribute  to  your  success. 

What  are  the  best  programming  languages 
to  be  familiar  with  for  someone  entering 
the  IT  field  today?  Currently,  there  is  tremen¬ 
dous  employer  demand  in  many  programming 
areas.  The  key  thing  to  do  is  ensure  that  your 
capabilities  are  well  rounded.  A  program¬ 
mer  who  can  do  analysis,  create  database 
structures,  write  clean  code,  create  testing 
structures  and  clearly  communicate  all  that  has 
been  done  is  a  very  valuable  asset. 

Businesses  are  seeing  the  data  that  they  retain 
and  analyze  proliferate.  That  means  that  people 
who  understand  the  programming  used  to  sup¬ 
port  data  and  analytics  are  particularly  in  demand, 
if  your  interest  lies  in  this  direction,  you  should  get 
to  know  and  understand  key  new  data  technolo¬ 
gies.  ETL  languages  and  business 
intelligence  tools.  If  your  passion 
is  to  create  applications  and  sys¬ 
tems,  we  seem  to  be  looking  for  . 
Java  and  .Net  talent  constantly. 
Lastly,  I  always  suggest  that  you 
investigate  and  leverage  open- 
source  tools.  They  can  be  excellent 
options  for  certain  needs. 


36  COMPUTERWORLD  MAY  6.  2013 


THINKSTOCK 


IT  careers 


SAP  Consultant,  Irving,  TX  & 
other  client  locations:  (Multiple 
Openings)  Perform  tech  &  func¬ 
tional  analysis,  systems  support, 
analyze,  design  specification, 
configuration,  testing,  documen¬ 
tation,  &  implementation  based 
on  user  needs.  Salary  DOE.  MS 
(BS  +  5  years  of  exp)  in  CS, 
MIS,  CIS,  Eng  (any),  or  related  in 
any  one  of  the  skill  set:  1 .  SAP 
ECC,  SAP  Solution  Manager, 
ABAP/4,  HR  ABAP,  Webdynpro, 
SAP  SRM,  Oracle,  Waterfall, 
Agile,  ALE,  EDI,  SAP  Solution 
Manager,  SAP  modules  -  SD, 
MM,  PP,  PS  &  PLM,  Win,  &  Unix 
W/2yrs  exp  &  ref  ESR-042013- 
1016.  2  SAP  R/3  ECC,  SAP 
modules  such  as  SD,  HCM,  MM, 
SRM,  FI,  CO,  QM,  PS,  EH&S, 
PP,  BI/BW,  BPC,  APO,  BADI, 
IDOC,  ALE,  EDI,  Web  Dynpro, 
SAP  Workflow,  Unix,  &  Win  NT/ 
2000/XP  W/lyr  exp  &  ref  NNP- 
042013-1020.  3.  SAP  R/3,  SAP 
ECC,  SAP  NetWeaver,  HTML5, 
J2EE,  Visio,  Enterprise  Portal, 
SAP  CRM,  BOL,  BADI,  BAPI, 
Web  Services,  ABAP/4, 
WebDynpro,  BSP,  ALV,  SAP 
modules  PM,  SD,  &  MM,  BDC, 
IDocs,  ALV,  Workflows,  Unix,  & 
Win  w/lyr  exp  &  ref  NNP- 
042013-1018.  4.  SAP,  SAP 

Modules  HCM,  ESS,  MSS,  PA, 
QM,  SD,  FI,  SAP  Netweaver, 
SAP  Portal,  Java,  Flex,  IDOC, 
Java,  SOAP,  Webdynpro, 
OOABAP,  Web  Services,  BADI, 
BAPI,  LSMW,  IDOC,  MVC, 
Business  Ojects,  HR  ABAP,  & 
Win  &  ref  CA-042013-1012.  5. 
SAP  R/3,  SAP  ECM,  SAP  SRM, 
C,  C++,  ABAP,  Visual  Basic,  SAP 
SUS,  &  Win  &  ref  PSK-042013- 
1014.  6.  SAP,  Oracle,  DB2,  C, 
C++,  Cobol,  SQL,  MS  Visio,  MS 
Project  Linux,  Unix,  &  Win  XP/ 
2003  &  ref  VS-042013-1010. 
Mail  resume  to  Mouri  Tech,  LLC, 
1303  W.  Walnut  Hill  Lane,  Suite 
#285,  Irving,  TX  75038  or  email 
hr@mouritech.com _ 


Interested  candidates  send 
resume  to:  Google  Inc.,  PO  Box 
26184  San  Francisco,  CA  94126 
attn:  Keeshia  Moultrie.  Please 
reference  job  #  below: 

Technical  Solutions  Consultant 
(NY,  NY)  #1615.6313  Integrate 
Google  products  w/customer 
technologies.  Exp.  incl:  Java  & 
C++;  program  in  Linux,  Unix  & 
Windows  environ;  troubleshoot 
revenue-impact  applications; 
implement  revenue-impacting 
technological  prod  or  pltfrms;  oo 
design  &  dvlpmnt;  SQL  &  rela¬ 
tional  databases;  script  lang; 
commercialize  prod  or  business 
onboarding  of  applications;  & 
provide  technical  guidance  or 
expertise  across  various  technol¬ 
ogy  groups. 

Technical  Account  Manager  (NY 
NY)  #1615.4913  Provide  tech¬ 
nical  support  for  Google's  sales 
team  and  strategic  partners  to 
ensure  the  development  and 
launchof  new  company  products. 
Exp  incl:  search  engine,  video, 
mobile,  e-mail  &  telephony  indus¬ 
tries;  UNIX  or  GNU/Linux  syst 
admin  &  shell  script;  HTML, 
HTTP,  SSL,  or  TCP/IP;  XML  &/or 
XSLT;  large-scale  technical  proj 
mgmnt  or  sw  dvlpmnt  in  internet 
space;  program  lang,  incl,  Java, 
C,  C++,  Jscript,  Python,  or  PHP; 
&  implement  sw  &  syst  tests. 
Software  Engineer  (NY,  NY) 
#1615.3568  Design,  develop, 
modify,  and/or  test  software 
needed  for  various  Google  pro¬ 
jects.  Exp  incl:  large-scale  distrib 
syst;  data  struct  &  algorithms;  sw 
test  methods;  &  oo  program  lang, 
incl  C++,  Python,  or  Java. _ 


Interested  candidates  send  resume  to:  Google  Inc.,  PO  Box  26184  San 
Francisco,  CA  94126  Attn:  Keeshia  Moultrie.  Please  reference  job  #  below: 
Software  Engineer  in  Test  Positions  (Mountain  View,  CA)  Design,  develop, 
modify,  and/or  test  software  needed  for  various  Google  projects.  Exp  incl: 
#1615.3860  algorithm;  sw  dvlpmnt;  C++;  Python;  &  cloud  compute. 
#1615.4969  distrib  syst;  ntwrk  protocols;  create  new  test  harnesses; 
implement  new  automation  tools;  &  create  automated  test  syst. 

SW  Eng  Positions  (Mountain  View,  CA):  Design,  develop,  modify,  and/or 
test  software  needed  for  various  Google  projects.  Exp.  incl: 

#1615.699  info  retrieval  or  mach  leam  syst;  MapReduce  based  lang;  SQL; 
MapReduce;  C++,  Java,  &  Python;  Perl;  distrib  technologies;  core  oper 
syst;  Unix  oper  syst;  data  mine;  auction  theory;  &  live  traffic  experiments. 
#1615.526:  distrib  syst  design  &  implement;  algorithm  dvlpmnt  &  imple¬ 
ment:  analytic  &  proactive  prob  solving;  C,  C++,  Python,  &  Shell  script; 
ntwrkng  &  TCP/IP;  Unix;  &  large  process  syst. 

#1615.5032  Java;  algorithms;  Java  program  on  Android  pltfrm;  oo  pro¬ 
gram;  design  &  implement  Ul;  data  struct  design;  &  MySQL. 

#1615.4118  C,  C++  or  Java;  oo  program;  web  dvlpmnt,  HTML,  CSS, 
Jscript  &  AJAX;  Unix  or  Linux  environ;  &  data  struct,  algorithms,  &  sw 
design. 

#1615.4088  C++  or  Java;  Jscript,  HTML,  &  CSS;  &  client  srvr,  multi¬ 
browser  dynamic  front-end  dvlpmnt. 

#1615.3487  C  &  C++  in  large  scale  data  process  proj  w/STL;  Python; 
Linux  Shell;  relational  &  non-relational  databases;  Matlab  or  R;  large  data 
mgmnt;  MapReduce;  parallel  &  distrib  large-scale  data  process;  mach  learn 
for  optimize;  natural  lang  process;  &  data  demo  in  HTML,  XML,  CSS,  & 
Jscript. 

#1615.5587  C,  C++,  Java,  or  Python;  oo  design;  UNIX  or  Linux;  &  data 
struct,  algorithms,  data  explore  &  sw  design. 

#1615.4002  research  web-scale  data  analysis,  Al,  info  retrieval,  mach 
leam,  Ul  &  personalization;  C/C++,  multithread,  &  STL;  AJAX,  XML,  XSLT; 
Python;  SQL;  Java;  large-scale  data  index;  materialized  view;  hashing, 
DHT,  Branch  &  Bound  DFS,  dynamic  program,  mach  leam  for  info  extrac¬ 
tion;  Al  algorithms,  parallel  &  distrib  compute;  &  MapReduce. 

#1615.5283  design,  implement,  analysis,  &  troubleshoot  on  web  scale  dis¬ 
trib  syst;  real-time  data  process;  large  existing  codebase;  data  mine  & 
mach  leam  algorithms;  data  struct  &  algorithms  design  &  complexity  analy¬ 
sis;  &  program  lang. 

#1615.215  C  &/or  C++,  STL,  &  multithread;  UNIX  script;  MapReduce  or 
Hadoop;  stat  analysis  &  R;  large-scale  data  mining,  mach  learn,  &  info 
retrieval;  &  algorithms;  publication  process  for  inti  conferences  or  journals. 
#1615.5161:  C,  C++,  Java  or  Python;  algorithm  design,  data  struct,  &  syst 
design;  distrib  compute,  data  mine,  &  multithread;  architecting,  design, 
dvlp,  deploy  &  debug  large-scale  distrib  data  process  syst;  UNIX  or  Linux; 
distrib  sys  design  &  RPC  protocols;  TCP/IP;  data  base  program,  incl 
NoSQL  architect;  &  I/O  perf  optimization  &  tuning. 

#1615.4060  mach  learn  tasks;  data  analysis;  C++;  parallel  computation;  & 
data  struct. 

#1615.2090:  C++,  incl  STL,  &  template  metaprogram;  Linux  syst;  algo¬ 
rithms;  data  struct;  stat  models;  &  natural  lang  process. 

#1615.4476:  C  or  C++;  Java;  multithread;  Linux  kernel  internals;  perf 
monitor  &  test  IP  ntwrkng;  ntwrk  control  plane  syst,  OpenFlow,  &  GRE; 
layer-2,  layer-3,  or  layer-4  ntwrk  protocols  &  technologies;  design  of 
RESTful  API;  &  design,  implement,  test,  &  maint  of  multi-component  sw 
ntwrkng  control. 


IT  firm  in  Indianapolis,  IN  seeks 
professionals  for  various  Jr  &  Sr 
level  positions  to  participate  in 
various  phases  of  SDLC. 
Programmer  Analysts:  Dsgn, 
dev  &  test  client  server,  multi-tier 
&  Web  applns  using  skills  such 
as  Oracle,  PL/SQL,  Oracle  forms 
&  rpts,  SSRS,  Bl  Publisher, 
AdobeLiveCycle,  etc. 

Sr.  Software  Engineers:  Dsgn, 
dev  &  test  systems  in  client 
server,  multi-tier  &  Web  envir 
using  skills  such  as 
PowerBuilder,  Oracle,  PL/SQL, 
SQL  Server,  C#,  VB.Net,  SSIS, 
SSRS,  PostgreSQL,  etc. 

Sr.  Systems  Analysts:  Plan, 
estimate,  impact  analysis, 
Database  desgn  &  modeling, 
Performance  tuning,  Data  migra¬ 
tion,  Cognos  reporting  using 
skills  such  as  Oracle,  PL/SQL, 
SQL  Server,  DataStage,  Quality 
Stage,  Informatica,  SSIS, 
Cognos  Analysis  &  Report 
Studio,  etc. 

Reqs:  BS  or  MS  or  equiv  (or  for¬ 
eign  equiv)  in  Comp  Sci,  Eng, 
CIS  or  related  field;  &  2  to  5  yrs 
exper.  Will  accept  suitable  comb 
of  edu/exper/train’g.  Some  posi¬ 
tions  may  require  travel  &/or  relo¬ 
cation.  Mail  resumes  to, 

HR,  IT  Transformers,  Inc. 

IN  Pennsylvania  St, #410, 
Indianapolis, IN  46204. EOE. 


Manager.  Job  location:  Miami, 
FL  &  any  other  unanticipated 
locations  in  the  U.S.  Travel 
Required.  Duties:  Design  & 
develop  ETL  solutions  using 
Oracle  ODI  &  Informatica. 
Design  &  develop  Master  Data 
Mgmt.  Solutions  using  Oracle 
Data  Relationship  Mgmt. 
(DRM).  Develop  &  deliver  long 
term  strategy  for  Data 
Integration  standards  in  con¬ 
junction  with  data  users,  clients 
&  stakeholders  using  ODI  & 
DRM.  Est.  methods  &  pro¬ 
cedures  for  tracking  data  qual., 
completeness,  redundancy  & 
improvement.  Create  short¬ 
term  tactical  solutions  to 
achieve  long-term  objectives  & 
an  overall  data  mgmt..  road 
map  using  Visio.  Identify  & 
develop  opportunities  for  data 
reuse,  migration  or  retirement  of 
systems.  Requires:  M.S. 
degree  in  Comp.  Sci.,  Eng.  or 
related  field  &  2  yrs.  exp.  in  the 
job  offered  or  2  yrs.  exp.  as  a 
Software  Eng.  Concurrent  exp. 
must  incl.:  2  yrs.  exp.  devel¬ 
oping  ETL  solutions  using 
Oracle  ODI  &  Informatica.  Send 
resume  (no  calls)  to:  Michelle 
Ramirez,  The  Hackett  Group, 
Inc.,  1001  Brickell  Bay  Dr.,  Suite 
3000,  Miami,  FL  33131. 


Infosys  Limited,  an  IT  consulting  and  software  services  provider,  is  in 
need  of  individuals  to  work  full-time  in  Plano,  Texas  and  various  unantici¬ 
pated  locations  throughout  the  U.S.  We  have  multiple  openings  for  each 
job  opportunity,  and  are  an  Equal  Opportunity  Employer  M/F/D/V.  Please 
apply  on-line  at  http://www.infosys.com/careers/apply-now/apply.asp  and 
search  for  the  reference  ID(s)  of  interest  listed  below. 

Consultant(s)  (Domain)  -  US  needed  in  Plano,  Texas  and  various  unan¬ 
ticipated  locations  throughout  the  U.S.,  to  help  conduct  IT  requirements 
gathering,  define  problems,  provide  solution  alternatives,  create  detailed 
computer  system  design  documentation,  implement  deployment  plan,  and 
help  conduct  knowledge  transfer  with  the  objective  of  providing  high-quality 
IT  consulting  solutions.  (Req  ID  117BR). 

Consultant(s)  (Infrastructure  Management)  -  US  needed  in  Plano, 
Texas  and  various  unanticipated  locations  throughout  the  U.S.,  to  analyze 
customer  IT  infrastructure  environments,  contribute  to  solution  creation, 
design,  deployment,  support  and  maintenance,  as  per  customer  require¬ 
ments.  (Req  ID  1 19BR). 

Consultant(s)  (Products  and  Packages)  -  US  needed  in  Plano,  Texas 
and  various  unanticipated  locations  throughout  the  U.S.,  to  help  conduct  IT 
requirements  gathering,  define  problems,  provide  solution  alternatives,  cre¬ 
ate  detailed  computer  system,  design  documentation,  implement  deploy¬ 
ment  plan,  and  help  conduct  knowledge  transfer  with  the  objective  of  pro¬ 
viding  high-quality  IT  consulting  solutions.  (Req  ID  120BR). 

Lead  Consultant(s)  (Domain)  -  US  needed  in  Plano,  Texas  and  various 
unanticipated  locations  throughout  the  U.S.,  to  anchor  different  phases  of  IT 
engagement  including  business  process  consulting,  problem  definition,  dis¬ 
covery,  solution  generation,  design,  development,  deployment  and  vali¬ 
dation.  (Req  ID  76BR). 

Lead  Consultant(s)  (Infrastructure  Management)  -  US  needed  in 
Plano,  Texas  and  various  unanticipated  locations  throughout  the  U.S.,  to 
anchor  due-diligence  of  customer  IT  infrastructure  environments,  as  well  as 
the  design,  detailing  and  transition  of  the  assigned  IT  processes/modules. 
Support  deployment  and  issue  resolution.  (Req  ID  81 BR). 

Lead  Consultant(s)  (Products  and  Packages)  -  US  needed  in  Plano, 
Texas  and  various  unanticipated  locations  throughout  the  U.S.,  to  anchor 
different  phases  of  the  IT  engagement  including  business  process  consult¬ 
ing,  problem  definition,  discovery,  solution  generation,  design,  devel¬ 
opment,  deployment  and  validation.  (Req  ID  82BR). 

Principal  Consultant(s)  (Domain)  -  US  needed  in  Plano,  Texas  and  vari¬ 
ous  unanticipated  locations  throughout  the  U.S.,  to  lead  the  engagement 
effort  for  IT  assignments,  from  business  process  consulting  and  problem 
definition  to  solution  design,  development  and  deployment.  Lead  proposal 
development.  Travel  required.  (Req  ID  112BR). 

Principal  Consultant(s)  (Products  and  Packages)  -  US  needed  in 
Plano,  Texas  and  various  unanticipated  locations  throughout  the  U.S.,  to 
lead  the  engagement  effort  for  IT  assignments  from  business  process  con¬ 
sulting  and  problem  definition  to  solution  design,  development  and  deploy¬ 
ment.  Lead  proposal  development.  Travel  Required.  (Req  ID  115BR). 

Principal(s)  -  Management  Consulting  needed  in  Plano,  Texas  and  vari¬ 
ous  unanticipated  locations  throughout  the  U.S.,  to  lead  small  proposals 
and  multiple  streams  on  complex  proposals.  Develop  best  in  class  propos¬ 
als  that  present  Infosys  Point  of  View,  approach  and  IT  solution.  Help  iden¬ 
tify  clients  and  opportunities  for  the  practice,  present  preliminary  ideas  and 
proposals  to  clients,  lead  engagements  from  launch  to  closure.  Travel 
Required.  (Req  ID  106BR). 

Technology  Architect(s)  -  US  needed  in  Plano,  Texas  and  various  unan¬ 
ticipated  locations  throughout  the  U.S.,  to  provide  inputs  on  IT  solution 
architecture  based  on  evaluation/understanding  of  solution  alternatives, 
frameworks  and  products.  Will  interact  with  clients  to  elicit  architectural  and 
non-functional  requirements  like  performance,  scalability,  reliability,  avail¬ 
ability,  maintainability.  (Req  ID  87BR). 

Technology  Architect(s)  (Business  Intelligence)  -  US  needed  in  Plano, 
Texas  and  various  unanticipated  locations  throughout  the  U.S.,  to  provide 
input  on  IT  solution  architecture  based  on  evaluation/understanding  of  solu¬ 
tion  alternatives,  frameworks  and  products.  Will  interact  with  clients  to  elicit 
architectural  and  non-functional  requirements  like  performance,  scalability, 
reliability,  availability,  maintainability.  (Req  ID  95BR). 

Technology  Architect(s)  (Enterprise  Solutions)  -  US  needed  in  Piano, 
Texas  and  various  unanticipated  locations  throughout  the  U.S.,  to  provide 
input  on  IT  solution  architecture  based  on  evaluation/understanding  of  solu¬ 
tion  alternatives,  frameworks  and  products.  Will  interact  with  clients  to  elicit 
architectural  and  non-functional  requirements  like  performance,  scalability, 
reliability,  availability,  maintainability.  (Req  ID  89BR). 

Technology  Architect(s)  (Mobility)  -  US  needed  in  Plano,  Texas  and 
various  unanticipated  locations  throughout  the  U.S.,  to  provide  input  on  IT 
solution  architecture  based  on  evaluation/understanding  of  solution  alter¬ 
natives,  frameworks  and  products.  Will  interact  with  clients  to  elicit  architec¬ 
tural  and  non-functional  requirements  like  performance,  scalability,  reliabil¬ 
ity,  availability,  maintainability.  (Req  ID  100BR). 

Technology  Architect(s)  (SOA  &  EAI)  -  US  needed  in  Plano,  Texas  and 
various  unanticipated  locations  throughout  the  U.S.,  to  provide  input  for 
best  fit  IT  architectural  solutions.  Will  interact  with  clients  to  elicit  architec¬ 
tural  and  non-functional  requirements  like  performance,  scalability,  reliabil¬ 
ity,  availability,  maintainability.  Provide  input  on  solution  architecture  based 
on  evaluation/understanding  of  solutions  alternatives.  (Req  ID  94BR). 

Senior  Associate(s)  -  Management  Consulting  needed  in  Plano,  Texas 
and  various  unanticipated  locations  throughout  the  U.S.,  to  lead  and  con¬ 
tribute  to  different  phases  of  IT  business  engagement  including  launch, 
delivery  and  closure;  lead  small  and  medium-sized  projects  or  complex/key 
sections  of  engagements;  track  and  ensure  adherence  to  timelines,  mile-' 
stones  and  other  operational/financial  processes.  Travel  required.  (Req  ID 
118BR). 


MAY  6,  2013  COMPUTERWORLD  37 


IT  careers 


Interested  candidates  send  resume  to:  Google  Inc.,  PO  Box  26184  San 
Francisco,  CA  94 126  Attn:  Keeshia  Moultrie.  Please  reference  job  #  below: 
User  Interface  Designer  (Mountain  View,  CA)  #1615.4469  Define  the  user 
model  and  user  interface  for  new  and  existing  Google  products  and  fea¬ 
tures.  Exp  inch  graphic  design;  CSS  &  HTML;  &  Adobe  Photoshop  SJor 
Fireworks. 

Research  Scientist  (Mountain  View,  CA)  #1615.3729  Research,  develop 
and  test  Google  products.  Exp  inch  prog  analysis  algorithms  &  data  struct; 
logic  program  lang;  &  databases  &/or  relational  algebra. 

PSO  Technical  Account  Manager  (Mountain  View,  CA)  #1615.3393: 
Provide  technical  support  for  Google's  sales  team  and  strategic  partners  to 
ensure  the  development  and  launch  of  new  company  products.  Exp  inch 
C++,  Java  or  Python;  XML,  HTML,  SQL,  SJor  Jscript;  UNIX  SJor  Linux; 
mgmnt  of  technical  prod  initiatives;  mgmnt  &  business  negotiation;  &  inter¬ 
net  products  &  technologies. 

Quantitative  Analyst  (Mountain  View,  CA)  #1615.3867:  Research  methods 
for  improving  search  engine  company  technology.  Exp  inch  stat  forecast, 
simulation,  SJor  optimization;  oper  research;  program;  C++  &  Python;  &  R, 
SAS,  &  MatLab. 

Product  Manager  (Mountain  View,  CA)  #1615.371:  Take  responsibility  for 
Google  product  from  conception  to  launch.  Exp  inch  bldng  &  scaling  of 
complex  &  mission  critical  solutions;  large  scale  distrib  syst  &  high  availabil¬ 
ity  syst;  &  dvlpmnt  of  internet  products  &  data  security  solutions. 

Software  Engineer  in  Test  (Mountain  View,  CA)  #1615.5223  Design, 
develop,  modify,  and/or  test  software  needed  for  various  Google  projects. 
Exp  inch  C  &/or  C++;  large  scale  sw  proj;  Java;  &  Perl. 

Test  Engineer  (Mountain  View  CA)  #1615.6090  Design,  develop,  modify, 
and/or  test  software  for  various  Google  projects.  Exp.  inch  dvlpmnt  of  test 
automation;  C++,  Java,  or  Python;  sw  testing,  incl  black  &  white  box;  rela¬ 
tional  databases  &  SQL;  test  functional  test  proj;  data  struct  &  OOP;  &  Agile 
methodologies. 

Business  Systems  Integrator  (Mountain  View  CA)  #1615.5624  Design  ana¬ 
lytical  solutions  that  answer  complex  business  decisions.  Exp  inch  dvlpmnt 
of  syst  or  applications  in  C  or  C++  program  lang;  dvlpmnt  of  syst  or  appli¬ 
cation  in  Java  prog  lang;  dvlpmnt  of  systems  or  applications  using  Unix 
based  oper  syst;  dvlpmnt  w/VolP  telephony  protocols,  incl  SIP  &  RTP; 
dvlpmnt  of  large  scale  distrib,  high  avail,  multi-thread  syst;  SQL  &  relational 
databases;  requirements  analysis  in  customer-driven  environ;  Agile  dvlpmnl 
methodologies  &  proj  life  cycles;  &  dvlpmnt  &  debug. 

SW  Eng  Positions  (Mountain  View,  CA):  Design,  develop,  modify,  and/or 
test  software  needed  for  various  Google  projects.  Exp.  inch 
#1615.3670:  large  scale  distrib  syst  &  high  availability  srvcs;  dvlpmnt  of 
Jscript  &  crosspltfrm  HTML/CSS;  web  stack  from  browser/user  agent  to 
srvr;  &  internationalization  &  localization  techniques  to  make  content  avail  ir 
multiple  lang. 

#1615.4137:  Java  &  Jscript;  Unix  oper  syst;  QA/testing;  oo  design;  data 
struct  &  storage  technologies;  algorithm  dvlpmnt  &  implement;  Ul  design  & 
implement;  &  large-scale  distrib  syst. 

#1615.4538  UNIX,  Linux,  &  Shell;  oo  program,  incl,  C  SJor  C++;  Java;  par¬ 
allel  &  distrib  syst;  funct  lang;  multi  tiered  web  srvc  architecture  &  web  tech¬ 
nologies;  ntwrk  program  &  TCP/IP;  data  mining,  info  retrieval,  data  process, 
&  stats;  UML  model;  &  databases,  incl  MySQL. 

#1615.212  dvlpmnt  of  consumer  web  or  mobile  applications;  high  perl 
srvrs;  data  analysis  &  natural  lang  process;  &  C++  &  Java. 

#1615.1719  data  struct,  algorithms  &  mach  learn;  analyze  &  troubleshoot 
large-scale  distrib  syst;  IP  ntwrkng,  ntwrk  analysis,  &  perf  &  application 
issues  using  standard  tools;  &  UNIX  syst  admin,  incl  scripting. 

#1615.5645  oo  prog;  C  SJor  C++;  syst  API  design;  problem  &  perf  analysis 
of  large  scale  distrib  syst;  &  large-scale  parallel  &  distrib  compute,  large- 
scale  file  syst,  or  large-scale  sparse  database. 

#1615.4199:  C,  C++,  or  Java;  stat  analysis  tools,  incl  Matlab  or  R;  &  mach 
learn  techniques,  digital  signal  process,  estimation  &  detection  theory,  prob- 
abilistic  graphical  modeling,  probability  theory,  &  random  processes. _ 


Systems  Analyst,  Fairfax,  VA: 
Analyze,  design,  develop,  imple¬ 
ment,  &  maintain  applications  & 
systems  based  on  user  needs 
using  C#,  C++,  VB.NET,  Delphi, 
Ruby.  Erwin,  Business 
Intelligence,  ETL  Tools, 
PeopleSoft  Financials,  People- 
Soft  SCM,  SQR,  nVision,  Agile, 
Rogue  Wave,  MSMQ,  People 
Code,  People  Tools,  TIBCO 
Rendezvous,  SQL  Server, 
Oracle.  MySQL,  Postgre  SQL, 
Window  Services,  SOA,  Rational 
Rose,  SVN,  Clear  Case,  CVS, 
VSS.  KD  Chart,  Windows,  AIX.  & 
Linux.  Must  have  2  years  of  col¬ 
lege  plus  six  years  of  experience 
in  the  field  Salary  DOE  Email  to 
careers@advancedigitalsys.com 
or  Advance  Digital  Systems. 
10560  Main  St.  Ste  214,  Fairfax. 
VA- 22030. 


Interested  candidates  send 
resume  to:  Google  Inc.,  PO  Box 
26184  San  Francisco,  CA  94126 
attn:  Keeshia  Moultrie.  Please 
reference  job  #  below 
Quantitative  Analyst  (Pittsburgh, 
PA)  #1615.5555:  Research 
methods  for  improving  Google 
technology.  Exp  incl:  large  data 
sets  using  stat  sw.  ind  R.  S-Plus, 
or  Matlab;  &  large  databases,  ind 
SQL 


Infosys  Limited  has  multiple,  full-time  openings  in  Plano,  TX  and  various 
unanticipated  locations  throughout  the  U.S.  Equal  Opportunity  Employer  Ml 
F/D/V.  Please  apply  online  at:  http://www.infosys.com/careers/apply-now/ 
us-jobs.asp  and  search  for  the  job  #  below.  Apply  to  each  job  #  of  interest. 

Project  Managers-U.S.  needed  in  Plano,  Texas,  and  various  unanticipated 
locations  throughout  the  U.S.  to  help  gather  requirements,  define  architec¬ 
ture,  and  determine  scope  to  deliver  IT  solutions.  (Job#  74BR). 

Project  Managers-U.S.  (Enterprise  Solutions)  needed  in  Plano,  Texas,  and 
various  unanticipated  locations  throughout  the  U.S.  to  help  gather  require¬ 
ments,  define  architecture,  and  determine  scope  to  deliver  IT  solutions. 
(Job#  78BR). 

Project  Managers-U.S.  (Business  Intelligence)  needed  in  Plano,  Texas,  and 
various  unanticipated  locations  throughout  the  U.S.  to  help  gather  require¬ 
ments,  define  architecture,  and  determine  scope  to  deliver  IT  solutions. 
(Job#  83BR). 

Project  Managers-U.S.  (Testing)  needed  in  Plano,  Texas,  and  various  unan¬ 
ticipated  locations  throughout  the  U.S.  to  perform  activities  to  ensure  that 
quality  software  work  products  are  delivered  on  schedule,  including  coor¬ 
dination  with  clients  and  internal  teams  across  the  globe.  (Job#  88BR). 

Project  Managers-U.S.  (Engineering)  needed  in  Plano,  Texas,  and  various 
unanticipated  locations  throughout  the  U.S.  to  help  in  application  of  industry 
standard  methods  for  development  to  perform  design  tasks  in  concept 
design,  preliminary  design,  detailed  design,  and  testing  support  phases  of 
the  product  development.  (Job#  85BR). 

Project  Managers-U.S.  (Infrastructure  Management)  needed  in  Plano, 
Texas,  and  various  unanticipated  locations  throughout  the  U.S.  to  help 
design,  develop  and  deploy  IT  solutions  for  infrastructure  environments, 
including  evaluation  of  OS,  DB,  storage,  network  enterprise  applications 
and  middleware.  (Job#  92BR). 

Technology  Leads-U.S.  (Enterprise  Solutions)  needed  in  Plano,  Texas,  and 
various  unanticipated  locations  throughout  the  U.S.  to  design,  develop,  test 
and  deploy  specific  modules  for  software  products.  (Job#  105BR). 

Technology  Leads-U.S.  (Business  Intelligence)  needed  in  Plano,  Texas,  and 
various  unanticipated  locations  throughout  the  U.S.  to  design,  develop,  test 
and  deploy  specific  modules  for  software  products.  (Job#  107BR). 

Technology  Leads-U.S.  (Enterprise  Application  Integration)  needed  in 
Plano,  Texas,  and  various  unanticipated  locations  throughout  the  U.S.  to 
design,  develop,  test,  and  deploy  specific  modules  for  software  products. 

(Job#  109BR). 

Technical  Test  Leads-U.S.  needed  in  Plano,  Texas,  and  various  unantici¬ 
pated  locations  throughout  the  U.S.  to  test  assigned  modules  for  software 
products.  (Job#  103BR). 

Technology  Leads-U.S.  (Engineering)  needed  in  Plano,  Texas,  and  various 
unanticipated  locations  throughout  the  U.S.  to  design,  develop,  test  and 
deploy  specific  modules  for  software  products.  (Job#  110BR). 

Technology  Leads-U.S.  (Infrastructure  Management)  needed  in  Plano, 
Texas,  and  various  unanticipated  locations  throughout  the  U.S.  to  design, 
develop  and  deploy  IT  solutions  for  infrastructure  environments,  including 
evaluation  of  OS,  DB,  storage,  network  enterprise  applications  and  middle- 
ware.  (Job#  114BR). _ 


Looking  for  a 
challenging 
IT  Career, 
shouldn’t  be 
such  a 
challenge. 


Find  your  ideal  job  at 
www.  ITCareers  .com . 


it  careers 


SENIOR  PROGRAMMER 
ANALYST:  Peterson  Technology 
Partners  seeks  qualified  senior 
programmer  analyst  for  its  head¬ 
quarters  located  in  Rolling 
Meadows,  IL  &  various  &  unan¬ 
ticipated  work  locations  through¬ 
out  the  U.S.  Master's  in  Comp. 
Sci.,  Electrical  Engg.,  Comp. 
Engg.,  or  in  a  closely  related  field 
(will  accept  Bachelor's  in  the 
above  fields  +  5  yrs  of  related 
progressive  exp.  in  lieu  of 
Master's)  +  1  yr  exp.  in:  (i)  design 
&  develop  software  programs  & 
instrumentation  for  enterprise 
click  stream  &  analytics  solutions 
ranging  from  web,  mobile  & 
online  apps  using  knowledge  of 
webtrends,  omniture,  google 
analytics,  software  architectures, 
design  patterns,  c#,  vb  script, 
java  script,  ajax,  html,  xml,  xsl, 
css,  regular  expressions,  net¬ 
working,  &  operating  systems;  (ii) 
develop  regression  &  integration 
testing  models  to  ensure  instru¬ 
mentation  is  operational  at  each 
app.  level,  &  design  &  develop 
multi-channel,  high-volume  soft¬ 
ware  data  pipelines  for  collecting 
&  transforming  structured  & 
unstructured  data  from  multiple 
systems  such  as  web  logs,  flat 
files,  tags  &  various  click  stream 
data  sources  thru  the  use  of 
JavaScript,  C#,  asp.net,  Perl, 
SOAP/REST,  Web  Service  APIs. 
Web  Servers.  IIS  &  Apache:  & 
(iii)  design  &  develop  complex 
enterprise  data  models  to  sup¬ 
port  analytics  data  warehouse  & 
business  strategies,  &  utilize 
Oracle,  SQL  Server,  MS  Access, 
SQL  &  PL/SQL  to  develop  & 
maintain  relational  data  models 
incl.  conceptual,  logical  &  physi¬ 
cal  models  at  project  &  enterprise 
levels.  An  EOE.  Respond  by  mail 
to  Peterson  Technology  Partners, 
1600  Golf  Rd,  Ste  1206,  Rolling 
Meadows,  IL  60008.  Refer  to  ad 
code:  PTP-030713. 


Research  in  Motion  Corporation 
(US),  Irving,  TX,  positions  are 
available: 

TX7052  -  Baseband  Hardware 
Designer 

7054  -  Data  Network  Specialist 

Submit  resume  to  Research  in 
Motion  Corporation  (US),  to 
P.O.  Box  141394,  Irving.  TX. 
75014-1394  U  SA,  referencing 
appropriate  job  title  and  requisi¬ 
tion  number. 


(Computer  Professionals  (East 
Windsor.  NJ)  IT  firm.  Sr.  Lvl 
positions  Sr.  S/w  Eng,  Sr.  Prog. 
Analysts,  Sr.  Business. 
Analysts,  Sr.  QA  Analysts.  Sr. 
Business  Systems  Analysts,  Sr. 
Systems  Admins  to  plan,  direct, 
or  coordinate  activities  in  such 
fields  as  electronic  data  proc¬ 
essing.  info,  systems,  sys. 
analysis,  bus.  analysis  &  comp, 
programming  Apply  w/2  copies 
of  res.  to  Angelita  Arguello/HR 
Executive,  Cloudeeva.  Inc.  104 
Windsor  Center  Drive.  Suite  # 
300,  East  Windsor.  NJ  -  08520 


38  COMPUTERWORID  MAY  6.  2013 


SHARK!)'  NK 


TRUE  TALES  OF  IT  LIFE  AS  TOLD  TO  SHARKY 


We  All  Feel  Safer  Now  -  and  Hungry 

Network  administrator  pilot  fish  for  a  local  government  gets  an  email  from  a  co- 
worker  who’s  concerned  that  something  is  wrong  with  a  security  camera  mounted 
on  a  building  across  the  street.  The  email  reads,  “The  entrance  camera  is  showing 
a  picture  of  pizza  instead  of  the  actual  entrance.  Just  happened  15  minutes  ago  per 
staff.  I  have  rebooted  the  video  encoder  and  the  camera  server,  and  it  still  shows 
the  pizza  on  the  screen.  We  might  need  to  go  to  the  other  building  and  see  if  they 


plugged  anything  into  our  switch.” 

A  little  while  later,  Fish  receives  a 
follow-up  email:  “Please  disregard.  A 
truck  with  a  pizza  logo  was  parked  in 
front  of  the  camera." 

Oh,  Right! 

IT  pilot  fish  is  at  a  client  site  to  do  an 
upgrade,  and  the  client  proudly  men¬ 


tions  that  he  just  ordered  yet  another 
four-drawer  file  cabinet  dedicated  for 
backup  logs.  “I  asked  if  I  could  see 
where  the  backup  logs  were  kept,” 
says  fish.  “I  was  led  into  a  room 
with  almost  a  dozen  four-drawer  file 
cabinets,  holding  more  than  10  years’ 
worth  of  backup  log  reports.  I  knew 
the  client  only  has  four  weeks  of 


»  Sharky  needs  your  true  tale 
of  IT  life.  Send  it  to  me  at  sharky® 
computerworld.com,  and  you’ll 
snag  a  snazzy  Shark  shirt  if  I  use  it. 


backup  media,  so  l  pulled  out  a  back¬ 
up  log  report  from  five  years  ago  and 
asked  the  client,  ‘Where  is  the  tape 
with  these  files  on  it?’  The  client  was 
stunned  -  and  then  quickly  canceled 
the  file  cabinet  order.” 


Who  Needs  It? 


This  IT  group  is  evaluating  IP  phone 
systems.  “A  cloud-based  contender 
sent  us  a  switch  so  we  could  try 
it  out  using  our  existing  IP 
phones,”  reports  a  pilot  fish  ori 
the  scene.  “We  gathered  sever¬ 
al  bigwigs  and  young  up-and- 
comers  in  a  conference  room 
for  a  demo.”  But  one  of  the 
bigwigs  keeps  interrupting  the 
vendor  rep  giving  the  demo. 
“Why  would  I  want  this?”  he  asks 
when  she’s  describing  manage¬ 
ment  features.  “This  is  nothing  I 
would  use.”  The  rep  calmly  explains 
the  need  for  the  software  and  re¬ 
turns  to  her  demo.  But  a  few  minutes 
later,  the  bigwig  starts  in  again:  “Why 
would  we  spend  the  money  on  that 
software  if  I  would  never  use  it?”  Rep 
patiently  explains  that  the  demo  will 
explain  the  need  for  the  software. 
“Can  we  just  get  on  with  the  demo 
and  skip  all  of  this?”  bigwig  bellows. 
Despite  the  interruptions,  vendor  rep 
finally  completes  her  demo,  includ¬ 
ing  the  full  explanation  of  what  the 
software  does,  all  of  its  functions  and 
the  reliability  the  old  system  doesn’t 
have.  Reports  fish,  “When  she  was 
done,  I  heard  the  bigwig  whisper  to 
an  up-and-comer,  ‘This  is  the  type  of 
capability  and  reliability  we  need  in 
our  phone  system.  We  need  to  imple¬ 
ment  this  immediately!”’ 


HAL  MAYFORTH 


^  CHECKOUT  Sharky’s  blog,  browse  the  Sharkives  and  sign  up  for  home  delivery  at  computerworld.com/sharky. 


M 


COMPUTERWORLD.COM  39 


ADVERTISERS  INDEX 

This  index  is  provided  as  an 
additional  service.  The  publisher 
does  not  assume  any  liability  for 
errors  or  omissions. 


141  Internet . 7 

landl.com 

BlackBerry  . 5 

blackberry.com/business 

Dell/SonicWALL . 31 

sonicwall.com/ 

supermassive9000 

dtSearch  . 35 

dtsearch.com 

ForgeRock . 15 

forgerock.com 

Hewlett-Packard . 23 

hpcloud.com 

IBM  Intel . C4 

ibm.com/systems/no_ 

compromise 

Impetus . 13 

bigdata.impetus.com 

Intel . 9 

intel.com/opensource 

InterSystems . 3 

intersystems.com/ideal4a 

Open  Virtualization 
Alliance . 21 

openvirtualizationalliance.org 

Red  Hat  . 11 

redhat.com/summit 

SuSE  . 19 

suse.com/cloud 

VMware  . C2, 33 

vmware.sddc 


#BPA 


Periodical 
postage 
paid  at 
Framingham,  Mass.,  and 
other  mailing  offices.  Posted 
under  Canadian  International 
Publication  agreement 
PM40063731.  CANADIAN 


POSTMASTER:  Please  return 
undeliverable  copy  to  PO  Box 
1632,  Windsor,  Ontario  N9A 
7C9.  Computerworld  (ISSN 
0010-4841)  is  published 
twice  monthly  except 
for  the  month  of  July  by 
Computerworld  Inc.,  492 
Old  Connecticut  Path,  Box 
9171,  Framingham,  Mass. 
01701-9171.  Copyright 
2011  by  Computerworld 
Inc.  All  rights  reserved. 
Computerworld  can  be 
purchased  on  microfilm 
and  microfiche  through 
University  Microfilms 
Inc.,  300  N.  Zeeb  Road, 

Ann  Arbor,  Mich.  48106. 
Computerworld  is  indexed. 
Back  issues,  if  available, 
may  be  purchased  from  the 
circulation  department. 
Photocopy  rights:  permission 
to  photocopy  for  internal 
or  personal  use  is  granted 
by  Computerworld  Inc. 
for  libraries  and  other 
users  registered  with  the 
Copyright  Clearance  Center 
(CCC),  provided  that  the 
base  fee  of  $3  per  copy  of 
the  article,  plus  50  cents 
per  page,  is  paid  directly  to 
Copyright  Clearance  Center, 
27  Congress  St.,  Salem, 

Mass.  01970.  Reprints 
(minimum  500  copies)  and 
permission  to  reprint  may 
be  purchased  from  The  YGS 
Group.  (800)  290-5460,  Ext. 
100.  Email:  computerworld® 
theygsgroup.com.  Requests 
for  missing  issues  will  be 
honored  only  if  received 
within  60  days  of  issue  date 
Subscription  rates;  $5  per 
copy:  Annual  subscription 
rates:  -  $129;  Canada  - 
$129;  Central  &  So.  America 
-  $250;  Europe  -  $295: 
all  other  countries  -  $295; 
digital  subscription  - 
$29.  Subscriptions  call 
toll-free  (388)  559-7327. 
POSTMASTER:  Send  Form 
3579  (Change  of  Address) 
to  Computerworld,  PO 
Box  3500,  Northbrook,  ill. 
60065-3500. 


A  Call  for  Mobile  Innovation 


It’s  easy 
to  think  of 
smartphones 
and  tablets  as 
the  fraternal 
twins  of  mobile 
computing. 
They  aren’t 


Scot  Finnie  is 

Computerworld's 
editor  in  chief. 
You  can  contact 
him  at  sfinnie® 
computerworld.com 
and  follow  him  on 
Twitter  (giScotFinnie). 


I  FIRST  HEARD  THE  PHRASE  “the  year  of  mobile”  in  1999.  If  you  had 
told  me  then  that  companies  like  Microsoft,  Motorola  and  Nokia 
would  be  lesser  lights  on  the  mobile  stage  by  2012  (the  actual  year 
of  mobile,  by  the  way),  I  would  have  laughed.  That’s  why  I  love  this 
industry:  It  changes  while  you  watch,  with  new  developments  snicking 
into  place  like  the  next  frame  of  a  slide  deck. 


In  this  slide:  The  term  PC  industry  has  been  ren¬ 
dered  obsolete  by  the  dramatically  slowing  growth 
of  PC  sales  and  the  rapid  adoption  of  mobile  tech¬ 
nologies.  Gartner  reports  that  at  the  end  of  2012, 
the  worldwide  installed  base  of  notebook,  desktop 
and  tablet  PCs  was  over  1.75  billion.  In  October  of 
last  year,  Strategy  Analytics  tagged  the  number 
of  smartphones  currently  in  use  at  over  1  billion 
globally,  and  it  projects  that  the  installed  base 
of  tablets  will  surpass  780  million  in  2016.  But 
wait,  shouldn’t  tablet  numbers  and  smartphone 
numbers  be  rolled  up?  I  don’t  think  so. 

The  tablet  phenomenon  is  separate  from,  and 
less  mobile-specific  than,  the  smartphone  phe¬ 
nomenon.  It’s  easy  to  think  of  smartphones  and 
tablets  as  the  fraternal  twins  of  mobile  computing. 
They  aren’t.  The  tablet  is  less  the  newest  mobile 
device  than  it  is  a  thinner,  lighter  incarnation 
of  the  PC.  The  tablet  will  heavily  influence  both 
smartphones  and  PCs,  but  it  is  transitional. 
Smartphones  are  much  better  adapted  to  mobile. 
The  smartphone  is  a  game-changer  that  has  had  a 
profound  effect  on  lifestyles  and  workstyles. 

The  cliche  about  tablets  is  that  they’re  media- 
consumption  devices,  not  content-creation 
devices.  But  that  argument  ignores  the  facts. 

Why?  Because  despite  what  the  pundits  opine,  it’s 
human  nature  to  create  content,  and  all  forms  of 
computing  require  input  of  at  least  short  strings 
of  text.  It’s  easier  to  do  that  on  the  go  with  a 
smaller,  hand-size  smartphone  than  it  is  with  a 
larger  tablet.  Touchscreen  user  interfaces  spur  you 


to  hold  the  device  with  one  hand  and  tap,  scroll 
and  swipe  the  screen  with  the  other.  But  to  use  a 
tablet’s  virtual  keyboard  efficiently  —  with  two 
hands  —  you  need  to  prop  a  9-  or  10-inch  device 
on  a  table  or  your  lap.  And  it’s  awkward  to  use  a 
two-thumb  typing  approach  on  larger  tablets.  The 
transition  from  touch  manipulation  of  the  screen 
to  entering  text  is  fairly  natural  with  a  smart¬ 
phone.  With  a  tablet,  it  can  be  tiresome. 

The  tablet  is  a  very  immature  device,  with  a 
user  interface  designed  for  a  much  smaller  form 
factor.  That  may  be  why  tablets  are  shrinking 
to  7  inches  and  smartphones  are  expanding  to  5 
inches.  Somewhere  in  that  middle  ground  there 
may  be  a  happy  medium.  We  just  don’t  know. 

A  lot  more  innovation  is  desperately  needed  for 
mobile  hardware  design  and  platforms.  Are  Apple, 
Google,  Samsung  and  Microsoft  up  to  the  task? 

Some  people  question,  for  example,  whether 
Apple  has  lost  its  innovation  mojo.  I  think  we’re 
going  to  find  out,  but  I  wouldn’t  bet  against 
Cupertino  just  yet.  Some  think  Google  is  losing 
interest  in  Android.  Samsung  is  merely  adding  the 
latest  available  technologies  with  every  product 
release;  that’s  not  innovation.  As  for  Microsoft,  its 
Surface  Pro  is  a  surprisingly  thoughtful  hardware 
design,  but  Windows  8  was  hustled  out  the  door, 
and  it  shows. 

Just  at  the  moment  when  mobile  innovation  is 
most  needed,  the  market  leaders  may  have  taken 
their  eyes  off  the  road.  Perhaps  that  slide  deck  is 
about  to  advance  another  frame.  ♦ 


40  COMPUTERWORLD  MAY  6.  2013 


The  Computerworld  Linkedln  Forum 
is  a  community  for  all  things  IT: 
news,  analysis  and  discussion  about 
topics  within  IT,  including  careers, 
management  and  hot  topics. 

If  >u  are  an  enterprise  IT  practitione 
at  any  level  we’d  love  to  have  you  join. 

Apt  >ly  for  membership  today  at 

Www.com  puterwo  r  I  d  .com /I  i  n  ked  i  n 


on  Linked  in 


Twice  the  virtualization. 

Lower  management  costs. 

None  of  the  compromises. 

You’ve  been  looking  for  IT  solutions  that  meet  the  increasingly  sophisticated  demands 
on  your  infrastructure.  IBM  Flex  System,™  featuring  Intel®  Xeon®  processors,  provides 
simplicity,  flexibility  and  control  in  a  system  that  doesn’t  require  compromise. 

It  supports  up  to  twice  the  number  of  virtual  machines  as  the  previous  generation  of 
blade  servers.1  And  IBM  Flex  System  Manager™  can  help  reduce  management  costs 
by  providing  visibility  and  control  of  all  physical  and  virtual  assets  from  a  single  vantage 
point.2 

You  can  select  individual  elements  and  integrate  them  yourself  or  with  the  support 
of  an  IBM  Business  Partner.  Or  you  can  choose  an  IBM  PureFlex™  System  and 
leverage  IBM’s  expert  integration  for  an  even  simpler  experience.  Learn  more  at 
ibm.com/systems/no_compromise 


Learn  why  Clabby  Analytics  says  IBM  Flex  System  is  the  best  blade  offering  in  the 
market.  Download  the  paper  at  ibm.com/systems/no_compromise 


'  Based  on  IBM  testing  and  documented  in  IBM  System  x*  Virtualization  Server  Consolidation  sizing  methodology.  IBM  Flex  System  x240  supports  27X  more  Peak  Utilization  Virtual  Machines  (VMs)  than 
previous  generation  BladeCenter*  HS22V. 

2  Based  on  IDC  white  paper  ‘The  Economics  of  Virtualization:  Moving  Toward  an  Application-Based  Cost  Model.'  Michelle  Bailey,  November  2009,  http://wwwvmwarexxxn/files/pdf/VirtualizatKXi-appiicaticin- 

based-cost  model-WP-ENpdf 

Optional  IBM  Flex  System  storage  node  available  fourth  quarter  2012 

IBM.  the  IBM  logo,  System  x.  BladeCenter,  PureFlex,  IBM  Flex  System  Manager  and  IBM  Flex  System  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation,  registered  in  many 
jurisdictions  worldwide  Other  product  and  service  names  might  be  trademarks  of  IBM  or  other  companies.  For  a  current  list  of  IBM  trademarks  see  wwwJbmcomAegaVcopytradeshtml  Intel,  the  Intel  logo 
Xeon,  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  in  the  US  and/or  other  countries  ©International  Business  Machines  Corporation  2013.  Al  rights  reserved. 


